General
-
Target
938eaac63817be30c17978c36a14d45d_JaffaCakes118
-
Size
312KB
-
Sample
240604-ehj7nscc7w
-
MD5
938eaac63817be30c17978c36a14d45d
-
SHA1
7e5c44b5e4902be84203aca41207bd265de8c6e0
-
SHA256
c935594e2d39435daa0b1aa4e8bcd2783317beb4a5c6575991ed9db7c79695c9
-
SHA512
c4e601b0c6a1ce72191a5d27bb0fe265a54fc1e22aab1ffbc292bb763fece260e0186bdabc7076a4c15a5faa211bbb6e2e14e189bd3d4bcf1eb7134ce5d44c46
-
SSDEEP
3072:ob9chCbs07hdRhduItP/emDHBNTXn7BS4FI0rzBNZ237Qct7PX432gwbNTfSmovd:o3s0DwyemtpnFD/c7QUA32bNTFeHDt
Static task
static1
Behavioral task
behavioral1
Sample
938eaac63817be30c17978c36a14d45d_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
938eaac63817be30c17978c36a14d45d_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
938eaac63817be30c17978c36a14d45d_JaffaCakes118
-
Score
10/10
-
GandCrab payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-