General
Target: 250f286469d91d81aa86bf5af9f12289_JaffaCakes118
Size: 11KB
Sample: 240704-hyvvwsscme
MD5: 250f286469d91d81aa86bf5af9f12289
SHA1: 4f4e69ec6ff800f86f005fd30daf4ce59e6ef9f9
SHA256: 9849239d2ee071516f5801518efcf2e1a0d960f456b8c759cf1c5548f91170c4
SHA512: 9b0f6bab8349820083a5c6ef5e17bb2e86ad71ef6b8f6ccfc1d4299146fe17f0c1280f92faa0dcc0c92d35b05ad7aee606963d7325c40269d23db39532c99020
SSDEEP: 192:sGpWCnGSJWTipSdeeVRuyE6spTN3PuwtkJJWmBmBJ6EByDdoZWh8a/YD:sOmRzjspTZ0VmBJFByDyWxo
Behavioral task: behavioral1
Sample: 250f286469d91d81aa86bf5af9f12289_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 250f286469d91d81aa86bf5af9f12289_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 250f286469d91d81aa86bf5af9f12289_JaffaCakes118
Score: 8/10
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Deletes itself
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory