General
-
Target
58dc734f0486efb9ff6b6b6066e114e0_JaffaCakes118
-
Size
5.0MB
-
Sample
240519-glfd1add45
-
MD5
58dc734f0486efb9ff6b6b6066e114e0
-
SHA1
a5e210fd3e2f4e114549a567c71ab5e2a7054286
-
SHA256
6da34f82d5170e579f967053bc1ecfd27d2777b59ac25807d8dd5148c28748fb
-
SHA512
c6a238810bc6235a95a01e7ed25e16617b67704ff28bf19a4f9b599b218f3b6c2495c4a43e57f56d6e793a0da07aa54df92abdea25cb1bf14072e1f346e69f8a
-
SSDEEP
98304:IDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:IDqPe1Cxcxk3ZAEUadzR8yc4H
Static task
static1
Behavioral task
behavioral1
Sample
58dc734f0486efb9ff6b6b6066e114e0_JaffaCakes118.dll
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
58dc734f0486efb9ff6b6b6066e114e0_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
58dc734f0486efb9ff6b6b6066e114e0_JaffaCakes118
-
Size
5.0MB
-
MD5
58dc734f0486efb9ff6b6b6066e114e0
-
SHA1
a5e210fd3e2f4e114549a567c71ab5e2a7054286
-
SHA256
6da34f82d5170e579f967053bc1ecfd27d2777b59ac25807d8dd5148c28748fb
-
SHA512
c6a238810bc6235a95a01e7ed25e16617b67704ff28bf19a4f9b599b218f3b6c2495c4a43e57f56d6e793a0da07aa54df92abdea25cb1bf14072e1f346e69f8a
-
SSDEEP
98304:IDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8yAVp2H:IDqPe1Cxcxk3ZAEUadzR8yc4H
Score10/10-
Modifies firewall policy service
-
Contacts a large (3306) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-