General
-
Target
7e02b577619e386b7622f6a1469cc742_JaffaCakes118
-
Size
4.1MB
-
Sample
240528-xhmxnsfh3s
-
MD5
7e02b577619e386b7622f6a1469cc742
-
SHA1
6c3261d6d2bf718c6d341bf5f6caa27a09012bef
-
SHA256
15e3ae69d6a178651f4d1a10c7ebad6b457719bec0a2a9662fa83ca02a8dbae8
-
SHA512
1943169d0a53e22b9cfe930d5968acb47100614e59806dcb3f5ae9bc175bff7e567f14d5b4bf03c006c4e6bd7b2229d75c395cb462e5ab3ff089c1c6a5680471
-
SSDEEP
49152:59/POe1/ifmyLPEuWDSGg6+jWmZ9soXmqL4lbREW0NwVJe+A9mfWh1u/u9CzGxLo:H2XwuKgJiTLqLEREd6VEN9mWbyNqOx
Static task
static1
Behavioral task
behavioral1
Sample
7e02b577619e386b7622f6a1469cc742_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-