General
-
Target
0450cf37e2dd4058563f73f6ca7940e5_JaffaCakes118
-
Size
434KB
-
Sample
240622-24lc7ashll
-
MD5
0450cf37e2dd4058563f73f6ca7940e5
-
SHA1
c7c0d5c274eadf534eea3203e6c026258144c68e
-
SHA256
da767e6faf97d73997f397eae71b372a549dd6331bf8ec0ebd398ef8cfe9a47e
-
SHA512
2d48fe05f18934808609d121e2dff8596016406002f221d90154903b09b40d409f805aba51ed8801ae572f20e1005fc104d83ead4b05eeab7ea39c8063a06ef3
-
SSDEEP
12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK95OTTsx/SA/WegYfdNbrqnuz:rXh6XcBXo8TsL8Y8m4OTTySA/DrfdNb1
Static task
static1
Behavioral task
behavioral1
Sample
0450cf37e2dd4058563f73f6ca7940e5_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0450cf37e2dd4058563f73f6ca7940e5_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
0450cf37e2dd4058563f73f6ca7940e5_JaffaCakes118
-
Size
434KB
-
MD5
0450cf37e2dd4058563f73f6ca7940e5
-
SHA1
c7c0d5c274eadf534eea3203e6c026258144c68e
-
SHA256
da767e6faf97d73997f397eae71b372a549dd6331bf8ec0ebd398ef8cfe9a47e
-
SHA512
2d48fe05f18934808609d121e2dff8596016406002f221d90154903b09b40d409f805aba51ed8801ae572f20e1005fc104d83ead4b05eeab7ea39c8063a06ef3
-
SSDEEP
12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK95OTTsx/SA/WegYfdNbrqnuz:rXh6XcBXo8TsL8Y8m4OTTySA/DrfdNb1
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-