General
-
Target
863123d359842ad81ff9392576d48268_JaffaCakes118
-
Size
217KB
-
Sample
240810-qgpxbavfjb
-
MD5
863123d359842ad81ff9392576d48268
-
SHA1
f38ca2b6e9be53bf7aadfd1900c9fca40457e12e
-
SHA256
ad8752d81e7b8395d54ae479878767a22dbf3544d744e5f00ef9c247306c03c3
-
SHA512
6049ac426760f6a451162b0259144da630ae6d39571243f535c33c2c686fb74720ad98e38f2463719b9ed9a81df674ceb94c82b973cb51387381a1d9de82511d
-
SSDEEP
3072:Ygb+ZOlLnUVyceWs+muYHlifSvDW4SxF2ztdO6eqfBkCQZ+C:/aZUwVgWs+muj6xqwPnlpLQZ+C
Static task
static1
Behavioral task
behavioral1
Sample
863123d359842ad81ff9392576d48268_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
863123d359842ad81ff9392576d48268_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
863123d359842ad81ff9392576d48268_JaffaCakes118
-
Score
7/10
-
Deletes itself
-
Executes dropped EXE
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-