General
Target: 3d5a5f87aee1173ca58005af3940639c_JaffaCakes118
Size: 84KB
Sample: 240712-ph3dcstaln
MD5: 3d5a5f87aee1173ca58005af3940639c
SHA1: 327be851576b096cb39a8549f2423e2d1c7ab72e
SHA256: 04357b1c4774b4175ed2bf42d9c0fb8989aa0874e386841d9213d47973172cb1
SHA512: de2c8417473ba93c21173eba99d0274164be98426b7b4205b490c1fad35c62040af8282eb30eed873691b92869cb16475699f22780293c56c667f6c86484e4f3
SSDEEP: 1536:WBxJVbaBKtUZG3GO1sx6KFm8f5772Wh0RHORmEpyf3KHqfv:UxJ5aMtUZG3G5F7R72hBORvciqfv
Static task: static1
Behavioral task: behavioral1
  Sample: 3d5a5f87aee1173ca58005af3940639c_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 3d5a5f87aee1173ca58005af3940639c_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 3d5a5f87aee1173ca58005af3940639c_JaffaCakes118
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext