General
-
Target
05332ca0220690466a19a4a4cc3bb6b9_JaffaCakes118
-
Size
1.3MB
-
Sample
240620-mnqweaxbjk
-
MD5
05332ca0220690466a19a4a4cc3bb6b9
-
SHA1
3d334957666e02ea141b625915743029a5ff6950
-
SHA256
06ebeda5e8aed0e64c324fd7eb1eb57743723be6736286a03370ba1a43672299
-
SHA512
803423ee2a0d1a0c663aecdd188b7d8d389bf8164412ee9c2bc996ad546a593a7e289f75c70e0e833d876f3e6916ba28c45db6d5aaa3eabf10e297fd8765c37e
-
SSDEEP
24576:CyRgG9E8a6f1H36sGmw0AZNmphbwpvypDzxJGQdAe4WP1/lPf:CkgGvD16sGmhbGypDiQdAe4CvH
Malware Config
Targets
-
-
Target
05332ca0220690466a19a4a4cc3bb6b9_JaffaCakes118
-
Size
1.3MB
-
MD5
05332ca0220690466a19a4a4cc3bb6b9
-
SHA1
3d334957666e02ea141b625915743029a5ff6950
-
SHA256
06ebeda5e8aed0e64c324fd7eb1eb57743723be6736286a03370ba1a43672299
-
SHA512
803423ee2a0d1a0c663aecdd188b7d8d389bf8164412ee9c2bc996ad546a593a7e289f75c70e0e833d876f3e6916ba28c45db6d5aaa3eabf10e297fd8765c37e
-
SSDEEP
24576:CyRgG9E8a6f1H36sGmw0AZNmphbwpvypDzxJGQdAe4WP1/lPf:CkgGvD16sGmhbGypDiQdAe4CvH
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads WinSCP keys stored on the system
Tries to access WinSCP stored sessions.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-