General
-
Target
76b9ee6fe09353ab54e12f62bab7ca54_JaffaCakes118
-
Size
88KB
-
Sample
240727-czmysavbkd
-
MD5
76b9ee6fe09353ab54e12f62bab7ca54
-
SHA1
c974d139554ed10a62b998dcc59fba940cf84e47
-
SHA256
aacd39fa1d5c173e8136116d4357d3a09455d5f0399c326d81800037432f6576
-
SHA512
598578759ba29c3359ece1c8236fa698652e54fdf6a2e837052d5bddce3dafde06b3c64fa565ff3a4c6e9f9251eab01b1a8b8aa490efeb09b1d4a7cc4029a259
-
SSDEEP
1536:/VVa3a+n40UStgspGieNXUUbuaIG9KixRX/:va3a+4i6sQi4ExaIGoiXv
Static task
static1
Behavioral task
behavioral1
Sample
76b9ee6fe09353ab54e12f62bab7ca54_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
76b9ee6fe09353ab54e12f62bab7ca54_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
76b9ee6fe09353ab54e12f62bab7ca54_JaffaCakes118
-
Score
7/10
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-