General
-
Target
5a2c9f5153217a25fd40fdc14204e2db_JaffaCakes118
-
Size
609KB
-
Sample
240719-dcjhhszajn
-
MD5
5a2c9f5153217a25fd40fdc14204e2db
-
SHA1
571dd33951e7b38de9056240a76438ec98980ffc
-
SHA256
b8d58832928d8b6c055729914480858094ceba545da4018cb4ce5ea7ed10295d
-
SHA512
1f2bbd5b3868343728839fe60f3cdd0a9d4fc40046d1ec831a7d7525b693b464ecc1074f7c91c6c439b2ad8fa8dc151561226a34f16033b8b42e40af2daaf97a
-
SSDEEP
12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmhb:SUiL3yjXUlu0I7vitqUmyq+1pab
Behavioral task
behavioral1
Sample
5a2c9f5153217a25fd40fdc14204e2db_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
5a2c9f5153217a25fd40fdc14204e2db_JaffaCakes118
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-