General
-
Target
bba03983985f409dcce98254b5b58858_JaffaCakes118
-
Size
5.0MB
-
Sample
240618-nbb26a1clb
-
MD5
bba03983985f409dcce98254b5b58858
-
SHA1
91498d7ce5a97e2838c1a32432fb36389eef0cd7
-
SHA256
7eced83baacd8d067d1195f9cdaaafbd0c4b01ded6e95b12b5d454f94dea6aff
-
SHA512
67336bd633b9db2537f59315cefed371db925f07a246741c5aa306f81c801d1a876ffccdfaa2d77ef370e2a88936d31314987842c0e44bf78a6e5fd00acb23e9
-
SSDEEP
49152:CnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAA:uDqPoBhz1aRxcSUDk36SA
Static task
static1
Behavioral task
behavioral1
Sample
bba03983985f409dcce98254b5b58858_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
bba03983985f409dcce98254b5b58858_JaffaCakes118.dll
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
bba03983985f409dcce98254b5b58858_JaffaCakes118
Score
10/10
-
Modifies firewall policy service
-
Contacts a large (3253) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-