General
Target: a119f909f723d75e958d1a8b4b7c7772_JaffaCakes118
Size: 5.0MB
Sample: 240612-sjjt7azblh
MD5: a119f909f723d75e958d1a8b4b7c7772
SHA1: b9fa1802da17688666df58a5ac6b38e49603c19c
SHA256: 412d4635deca5e3f92f67f9e870d37c6ba3425f4dc5234b08d2abf84d2267f25
SHA512: 71fdb25be9ad09ce09ebdce9f1ba9920083f69aaf7f6001d1384d2f8ff4bd6126fefcccf9aa2c5200b4d43c6e14dc1828e2be00d49a1e09bdb6fde5b8785276a
SSDEEP: 49152:lnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAARdhnvxJM:pDqPoBhz1aRxcSUDk36SAEdhvxW
Static task: static1
Behavioral task: behavioral1
Sample: a119f909f723d75e958d1a8b4b7c7772_JaffaCakes118.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a119f909f723d75e958d1a8b4b7c7772_JaffaCakes118.dll
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: a119f909f723d75e958d1a8b4b7c7772_JaffaCakes118
Score: 10/10
Modifies firewall policy service
Contacts a large (3231) amount of remote hosts. This may indicate a network scan to discover remotely running services.
Executes dropped EXE
Creates a large amount of network flows. This may indicate a network scan to discover remotely running services.
Drops file in System32 directory