General
-
Target
70078801629398df6c0d6f6bbb70d759_JaffaCakes118
-
Size
5.0MB
-
Sample
240524-2mda9adh69
-
MD5
70078801629398df6c0d6f6bbb70d759
-
SHA1
8e5dacbc381f663573592eadab6d8af4019a6eb7
-
SHA256
7d3f339f10b2793ee3fcc538bafbe35e390978e4295934c59518c62fbfdc98dc
-
SHA512
46ee5721b51a297deb5db84b1dab664ac2ef4ad56d60216fe49101aaa931fb2f6bcac9760c2a2133b7c83ae0903dbb7f5fa8b707b04c01b8c0e55d8e039a5c64
-
SSDEEP
49152:tnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:hDqPoBhz1aRxcSUDk36SA
Static task
static1
Behavioral task
behavioral1
Sample
70078801629398df6c0d6f6bbb70d759_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
70078801629398df6c0d6f6bbb70d759_JaffaCakes118.dll
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
70078801629398df6c0d6f6bbb70d759_JaffaCakes118
-
Size
5.0MB
-
MD5
70078801629398df6c0d6f6bbb70d759
-
SHA1
8e5dacbc381f663573592eadab6d8af4019a6eb7
-
SHA256
7d3f339f10b2793ee3fcc538bafbe35e390978e4295934c59518c62fbfdc98dc
-
SHA512
46ee5721b51a297deb5db84b1dab664ac2ef4ad56d60216fe49101aaa931fb2f6bcac9760c2a2133b7c83ae0903dbb7f5fa8b707b04c01b8c0e55d8e039a5c64
-
SSDEEP
49152:tnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:hDqPoBhz1aRxcSUDk36SA
Score10/10-
Modifies firewall policy service
-
Contacts a large (3122) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-