General
-
Target
9f1a62a284edc47204e9ada51987950d_JaffaCakes118
-
Size
857KB
-
Sample
240611-wt2drswdkh
-
MD5
9f1a62a284edc47204e9ada51987950d
-
SHA1
6960774c96ae01c874a2280a4dc3067cc2875e72
-
SHA256
9459494b3c8f75df77af009fc932af578cf48be615ecb43d912b172a940e84df
-
SHA512
7b8f3e25c3b9e34d20c3a6369ba188652e1bbfc83505e89d20f57da87d7d1fd019c4a2913548e0a742cc2f0972c1115bfc420aeb02745077566712eb4140bd7a
-
SSDEEP
24576:q5b77TXJhDWwl+DFID5r4ZhyMGmzjZnjJIexOLFLTNkdBAnlrMjW:CHTJhDTluFIChyMGmzjZnjJIexOLF1kh
Malware Config
Targets
-
-
Target
9f1a62a284edc47204e9ada51987950d_JaffaCakes118
-
Size
857KB
-
MD5
9f1a62a284edc47204e9ada51987950d
-
SHA1
6960774c96ae01c874a2280a4dc3067cc2875e72
-
SHA256
9459494b3c8f75df77af009fc932af578cf48be615ecb43d912b172a940e84df
-
SHA512
7b8f3e25c3b9e34d20c3a6369ba188652e1bbfc83505e89d20f57da87d7d1fd019c4a2913548e0a742cc2f0972c1115bfc420aeb02745077566712eb4140bd7a
-
SSDEEP
24576:q5b77TXJhDWwl+DFID5r4ZhyMGmzjZnjJIexOLFLTNkdBAnlrMjW:CHTJhDTluFIChyMGmzjZnjJIexOLF1kh
Score9/10-
Nirsoft
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-