General
-
Target
4e6b1d4febbe112762fce975211e88f9_JaffaCakes118
-
Size
3.6MB
-
Sample
240517-e4a6wshe47
-
MD5
4e6b1d4febbe112762fce975211e88f9
-
SHA1
4ce440840ca8302ba9578b6888304648ea3b5dd4
-
SHA256
8a970427056601d3683eb801f335cc65378b89e968807f66d88be78400c955a7
-
SHA512
9ef46fe2435a5301184f1f5d902ea34d756e191a11f9fd03f82a830507752fae449f7c3058bcce3ca51eec9637da982fd554640173afde4e89e4e4889f871550
-
SSDEEP
98304:pDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:pDqPe1Cxcxk3ZAEUadzR8yc4H
Static task
static1
Behavioral task
behavioral1
Sample
4e6b1d4febbe112762fce975211e88f9_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4e6b1d4febbe112762fce975211e88f9_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
4e6b1d4febbe112762fce975211e88f9_JaffaCakes118
Score 10/10
-
Modifies firewall policy service
-
Contacts a large (3084) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Drops file in Drivers directory
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-