General
-
Target
6b0b2bdb6f780b0d045ba40dffe3510e_JaffaCakes118
-
Size
2.1MB
-
Sample
240523-qet39acb8z
-
MD5
6b0b2bdb6f780b0d045ba40dffe3510e
-
SHA1
28d3cb04cea32e87a1f09f38b450abf5b7aaaf81
-
SHA256
a3c2f3366a6d96af6fa1fc220c955a8e32e721d1ed599aea4ec0f2dfb971c8cb
-
SHA512
6e730e6cbdfda266ca6afd98b4d3c240a855e19c08575bb3e90c2db8a623c148cf1d334ce4fa05531bc33096a8e33b6027dc7f98aceaaaa3104b3180d82cfc15
-
SSDEEP
49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXHaff+c:NABI
Behavioral task
behavioral1
Sample
6b0b2bdb6f780b0d045ba40dffe3510e_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
6b0b2bdb6f780b0d045ba40dffe3510e_JaffaCakes118
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-