General
-
Target
4c0828c3c43f2a9c87f3803658f16420_JaffaCakes118
-
Size
424KB
-
Sample
240716-al2hxawemn
-
MD5
4c0828c3c43f2a9c87f3803658f16420
-
SHA1
0225f262945be581f9c936cd460949b984c63bd2
-
SHA256
87d014f2780e0342b4ddaf22422127b3297bf3c23578f9e4fd8d00128eb88da6
-
SHA512
f662aeb8b1bf91c8f743418a7da0a804a183a6d25ed455d37c321e8b6ba9040a316106066f9383edb72433e4ab799eeea55c23f0a5bb886876e152ace403aee5
-
SSDEEP
6144:xpQa2phpYr2ZFMfC12BXMRGjJMiSXaXPsdoxaI4I4M56fdKp4Sf1n6go/Zodp4Uj:shpYrcr1YMkjJlfaoQFK54dCpfBKU0Ds
Static task
static1
Behavioral task
behavioral1
Sample
4c0828c3c43f2a9c87f3803658f16420_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
4c0828c3c43f2a9c87f3803658f16420_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
4c0828c3c43f2a9c87f3803658f16420_JaffaCakes118
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-