General
-
Target
3e57e80f4f44e06a424b84d8e551329a_JaffaCakes118
-
Size
5.0MB
-
Sample
240513-h7ym5scb9s
-
MD5
3e57e80f4f44e06a424b84d8e551329a
-
SHA1
5dd15fd0c21e8dcf6b17bc7b6be8a1c2745d1654
-
SHA256
18f048bc4f8b471234e6c8e1bc1b76bdb7d3efe0396c3b27615a094d5fbb690d
-
SHA512
e84049ba529438572cb3a6c23d7fa968c5c15647ed891b765329702ac576874bfa2e3c01dde79e4998a4a3244d348152a00e032d6b90d43c27c6b6fb3354752e
-
SSDEEP
98304:dDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2p3:dDqPe1Cxcxk3ZAEUadzR8yc4p
Static task
static1
Behavioral task
behavioral1
Sample
3e57e80f4f44e06a424b84d8e551329a_JaffaCakes118.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
3e57e80f4f44e06a424b84d8e551329a_JaffaCakes118.dll
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
3e57e80f4f44e06a424b84d8e551329a_JaffaCakes118
-
Score
10/10
-
Contacts a large (2999) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Modifies file permissions
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-