General
-
Target
36644e0e2f9978ca12f1ac5e713d2889_JaffaCakes118
-
Size
187KB
-
Sample
240710-zzhqdszfkk
-
MD5
36644e0e2f9978ca12f1ac5e713d2889
-
SHA1
29d2b9d97ce41bb68df1121cd54a2170fc2c782a
-
SHA256
0a9be1d4052365bb249cd68e98dae1207885ea1db731248adc26ee551cbaa488
-
SHA512
2f00d8c046cf607b581624c944362c09e55f1fe4b4ca1683cdc6da6febb1617434c6a2c373009a43b91a4d6174d10462817f3d8630e72e12f20aea5dee6415cf
-
SSDEEP
3072:JXKgEUQ000kvZk3mT+Q3snJ/wDTPfPMoph9cI1kKy0Otgvjo4Tk0lU2GXxE9g337:5KgY0M4mTn3sJw33hF1Po4HlMxE9gHQ4
Static task
static1
Behavioral task
behavioral1
Sample
36644e0e2f9978ca12f1ac5e713d2889_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
36644e0e2f9978ca12f1ac5e713d2889_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
36644e0e2f9978ca12f1ac5e713d2889_JaffaCakes118
Score
7/10
-
Deletes itself
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-