General
Target
4258ff976538ddb6eba552017de1cc88_JaffaCakes118
Size
19KB
Sample
240713-tathpsxcnl
MD5
4258ff976538ddb6eba552017de1cc88
SHA1
642c7c0641302e626b3896aaaa29154ef6e17e60
SHA256
f24dd9c54ee30ce5ea624eb8b51f24adfef2b196cceda2064d721d8b723d24ab
SHA512
72631e69e044395a3bc23118e388094a5555a081482845d5fb6cc1c591b6a1c5ca10a4ebafcb52f250114d66e245c39528b63d1fb4205a833ab896dbaacd60fa
SSDEEP
384:QXWuX7KLLfrbrA2ZZJNAfE2J/aFTDuhXkrWHiOtDUvDHB181:QmuX7cNr0E2JmahXaWHiAYvD8
Static task
static1
Behavioral task
behavioral1
Sample
4258ff976538ddb6eba552017de1cc88_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
4258ff976538ddb6eba552017de1cc88_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
4258ff976538ddb6eba552017de1cc88_JaffaCakes118
Score
7/10

Loads dropped DLL

Adds Run key to start application

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.

Drops file in System32 directory