General
-
Target
8c0894c26925fe1e4076d3a4feae58a7_JaffaCakes118
-
Size
22.2MB
-
Sample
240811-1ac92stbkg
-
MD5
8c0894c26925fe1e4076d3a4feae58a7
-
SHA1
1955f4698c7a39d84520e486ae9f0420f484d323
-
SHA256
342b5ad24377a1418373874c196a16669f0b50c92eedf656800eebe553a26462
-
SHA512
d9dec6992b1f926ade4cff9d88717def348e8ce0bd6947046dde0cddb3903e21478788018b62777fd3559c2f48fe088f4e3b05910712309c3c9029ec1e8a8b36
-
SSDEEP
393216:nB8ADGHOFEXa8CRdVFU6czTmmf5YPtl547s97P6N5MoWQBZzz/nOF9V:nB8ZuuK8CjVSDf5YPtl5ck7PqMoWEZnG
Behavioral task
behavioral1
Sample
8c0894c26925fe1e4076d3a4feae58a7_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8c0894c26925fe1e4076d3a4feae58a7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Cryptodome/Cipher/_ARC4.cp36-win32.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
Cryptodome/Cipher/_ARC4.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
Cryptodome/Cipher/_Salsa20.cp36-win32.dll
Resource
win7-20240704-en
Behavioral task
behavioral10
Sample
Cryptodome/Cipher/_Salsa20.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
Cryptodome/Cipher/_chacha20.cp36-win32.dll
Resource
win7-20240704-en
Behavioral task
behavioral12
Sample
Cryptodome/Cipher/_chacha20.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
Cryptodome/Cipher/_raw_aes.cp36-win32.dll
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
Cryptodome/Cipher/_raw_aes.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
Cryptodome/Cipher/_raw_aesni.cp36-win32.dll
Resource
win7-20240705-en
Behavioral task
behavioral16
Sample
Cryptodome/Cipher/_raw_aesni.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
Cryptodome/Cipher/_raw_arc2.cp36-win32.dll
Resource
win7-20240704-en
Behavioral task
behavioral18
Sample
Cryptodome/Cipher/_raw_arc2.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
Cryptodome/Cipher/_raw_blowfish.cp36-win32.dll
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
Cryptodome/Cipher/_raw_blowfish.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
Cryptodome/Cipher/_raw_cast.cp36-win32.dll
Resource
win7-20240705-en
Behavioral task
behavioral22
Sample
Cryptodome/Cipher/_raw_cast.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
Cryptodome/Cipher/_raw_cbc.cp36-win32.dll
Resource
win7-20240704-en
Behavioral task
behavioral24
Sample
Cryptodome/Cipher/_raw_cbc.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
Cryptodome/Cipher/_raw_cfb.cp36-win32.dll
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
Cryptodome/Cipher/_raw_cfb.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
Cryptodome/Cipher/_raw_ctr.cp36-win32.dll
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
Cryptodome/Cipher/_raw_ctr.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
Cryptodome/Cipher/_raw_des.cp36-win32.dll
Resource
win7-20240705-en
Behavioral task
behavioral30
Sample
Cryptodome/Cipher/_raw_des.cp36-win32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
Cryptodome/Cipher/_raw_des3.cp36-win32.dll
Resource
win7-20240729-en
Behavioral task
behavioral32
Sample
Cryptodome/Cipher/_raw_des3.cp36-win32.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
8c0894c26925fe1e4076d3a4feae58a7_JaffaCakes118
-
Size
22.2MB
-
MD5
8c0894c26925fe1e4076d3a4feae58a7
-
SHA1
1955f4698c7a39d84520e486ae9f0420f484d323
-
SHA256
342b5ad24377a1418373874c196a16669f0b50c92eedf656800eebe553a26462
-
SHA512
d9dec6992b1f926ade4cff9d88717def348e8ce0bd6947046dde0cddb3903e21478788018b62777fd3559c2f48fe088f4e3b05910712309c3c9029ec1e8a8b36
-
SSDEEP
393216:nB8ADGHOFEXa8CRdVFU6czTmmf5YPtl547s97P6N5MoWQBZzz/nOF9V:nB8ZuuK8CjVSDf5YPtl5ck7PqMoWEZnG
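Score 7/10
Signature: Loads dropped DLL
Note: the $PLUGINSDIR/System.dll and $PLUGINSDIR/UserInfo.dll targets below carry names typical of NSIS installer plug-ins, which an installer unpacks and loads at run time. If those are the DLLs this signature refers to, the signature alone does not show malicious behaviour; compare the listed hashes against known-good copies before drawing conclusions.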
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
55a26d7800446f1373056064c64c3ce8
-
SHA1
80256857e9a0a9c8897923b717f3435295a76002
-
SHA256
904fd5481d72f4e03b01a455f848dedd095d0fb17e33608e0d849f5196fb6ff8
-
SHA512
04b8ab7a85c26f188c0a06f524488d6f2ac2884bf107c860c82e94ae12c3859f825133d78338fd2b594dfc48f7dc9888ae76fee786c6252a5c77c88755128a5b
-
SSDEEP
192:MPtkumJX7zBE2kGwfy9S9VkPsFQ1Mx1c:97O2k5q9wA1Mxa
Score 3/10
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
c051c86f6fa84ac87efb0cf3961950a1
-
SHA1
f18f4bb803099b80a3a013ecb03fea11cff0ac01
-
SHA256
d0949b4c0640ee6a80db5a7f6d93fc631ed194de197d79bf080ec1752c6f1166
-
SHA512
6e9de5d07aaed2ac297faa5049d567884d817ed94dece055d96913ac8e497ade6f0ff5c28bae7cc7d3ac41f8795efb9939e6d12061a3c446d5d2a3e2287d49d2
Score 3/10
-
-
Target
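Cryptodome/Cipher/_ARC4.cp36-win32.pyd (the behavioral tasks above list this module, and the other Cryptodome .pyd targets below, with a .dll extension; a .pyd is a Python extension module in DLL format, so these appear to be the same files)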
-
Size
9KB
-
MD5
389565e47c364a2d26cca25c794a32f1
-
SHA1
a0b1f576f060e069ebaa5d627e5229615317bab5
-
SHA256
85ed6d7d6feca40663ae833ae5cbafe5e1a049dbd460380cbf2eb87f50633dbd
-
SHA512
de2d6baf6d73a59ba61d343654f33e1a069e4e8642d4333477369b9f5bc173aefa84b3505ae0dc7c0eea236073f9a73f91c73cd06c336c9b539c595e5c265a02
-
SSDEEP
96:M56DIIYKDn0UAwjOBG+lnL0wo05dDokOv04cmTeyyymmkf5S7fzsz+7nPF:M56DfYh4yBGiR5mkOvKhRv1f5STQz+J
Score 3/10
-
-
Target
Cryptodome/Cipher/_Salsa20.cp36-win32.pyd
-
Size
11KB
-
MD5
b3abb7fa5ed3329588e1db9dc2016a45
-
SHA1
c8e79e026dbe2a787c914d290bb09bcb9ecc6b12
-
SHA256
eea6da000c75e9528a4ee8b5f9b1d8db05784dbebf2fae7e718d2d1bafcaed8b
-
SHA512
84a819cd94c9e8c79ed428b2c198021dfaf2028bd7a546d0ef67dbf63c366e02949c7988a0db597771839bba024455bb84b5ae78cd8ddc810383996c6d3cef75
-
SSDEEP
192:ZrqDbLYB47mShJmkOPuGAi5saalTLTD6uw7NNaRgSe4f5STQze:ZsbMBBSjmkOPu7iyaaRwNmgSewSTV
Score 3/10
-
-
Target
Cryptodome/Cipher/_chacha20.cp36-win32.pyd
-
Size
10KB
-
MD5
3587a2ef7195c1dc6e013a18ef6bdd87
-
SHA1
82170f090bcc2669aa2bf78b44accb6cf3fee293
-
SHA256
51688f57f3bc4851820753b57e1de9c6da572183337d797d16a135415085f6cb
-
SHA512
0864038d3ab788280d4b2d5e3bda17011e84a26c1cd6f0cafd57c7a472c5ba5d41dc3df679f289e80e1302a11ba5d490834cbf275821bd3162e18a67d225265e
-
SSDEEP
192:ZAKDbLYB40mShJmkOP9QREV8iwjdlkbf5STQzet:Z9bMBWSjmkOP9c7iwjdQSTV
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_aes.cp36-win32.pyd
-
Size
30KB
-
MD5
1aea0e06dcb100241d70a8729fab2152
-
SHA1
903677587e42cc3c22b14c99303f50c54888c5a8
-
SHA256
bc13a9d2cab86c27785be9f2b24c91e0d70eedd253eb7a232368f64d44c27a68
-
SHA512
7aea1699cfc58326d6c5efb5f76e1dd4bb6bd21efc758277285b5f9441e422901206953b791dd97e89e429594da2c2f6f9371425606f00bdcb61ef633fd71d08
-
SSDEEP
768:2ahRCD2kufsWauyUARtVn2pS4j9d0th9VueqgVJ:2ORCqkuUupS4X0r97qgV
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_aesni.cp36-win32.pyd
-
Size
11KB
-
MD5
c1a6c64f0e248c8f472b94d940890738
-
SHA1
1ad0e7eb7aa7fc7404e446983db4116ba4123264
-
SHA256
20b65459b17758423b10632294c82720607450772eb3647f3e2a9d2972ec4d17
-
SHA512
e22843dd97c1171069dffcd1464bbae00e505b3cc9de3e014760f37ea75432d4f42cffc18bd8f4814d92e5c517b0c820e5ae8f79e118769cf5f9bf651d26caa6
-
SSDEEP
192:HG6DXmYgi+eB8sbJNkOMYgTwm0TXJY/Hhc5f5STxzGJYU:HPXNgiHqslNkOMJVoXCcjSTEJYU
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_arc2.cp36-win32.pyd
-
Size
11KB
-
MD5
e2330b6d8b3d5d217f7212872c9a7caf
-
SHA1
2fb197e673b56c3db51a7f309955e3fd004809c8
-
SHA256
baee003e214e23d7ffb6775d5264c0a985f7ddc2250a7eba90ebc3ff9adb86d4
-
SHA512
8791e2fb7d2088135cd8dd89708c7564f80bdebd5027b1a82dd54132a0e036aba11da9b6993fedd9d7697ca1e67731206096ef3aefc258df79016b7e31bd33b3
-
SSDEEP
192:fKFtdDrlYB4LmSxJ2kOPykIu0pvpQ2LSgxBDpxMf5STQzt:fKFbryBxST2kOPykr0tpQ21x9pxcSTy
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_blowfish.cp36-win32.pyd
-
Size
14KB
-
MD5
8df3c6d51fbceade92a8520e1f972e03
-
SHA1
71bbdaa6885f437bdad1646030c3315ebbf8c58a
-
SHA256
e3f0d86ed390f74f1a88d0520d3c6449326faea2a41af8e0f4f767d394b763b8
-
SHA512
68501b894c1aab6d194d31d242f4826bd2578804b6aed7ae619b76e2b680bfbedee296c94f75574b6ada98b00b844bf1e877bb9b1f72e25d86cdf28dd5721554
-
SSDEEP
384:2R75yEhe9DWkO9GYz7pJ6p8K0qL4RSTV:2zbCDWkkGYzv65fL4RgV
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_cast.cp36-win32.pyd
-
Size
21KB
-
MD5
6a7770de16edf149487442fb6fbf2bb0
-
SHA1
ad8de0506c84cc58afe4e8e605845cfdf66db198
-
SHA256
acf18c5031dc9f12294f958158bcc5ee8793db88c7a4b506fe83cd4f1abff2ab
-
SHA512
58476e2996343d9193844c67afece37c8718e02aa88e826e7b28c85446a657c3c46ada9ea75930bb2a0c6e398c5d40d12191c514d5ba52bca0132bb5296c1706
-
SSDEEP
384:fKFXs2eCTPkOYVRX+Y2uuZXmrfXA+UA10ol31tuXrSTyDYeC/:fiGCTPkbgYQXmrXA+NNxW7gyDzC
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_cbc.cp36-win32.pyd
-
Size
10KB
-
MD5
71e7aca335aec0225cc8b6eb32095176
-
SHA1
89c1c71f2825200951cae3810729780e00828c2b
-
SHA256
448119c39cea44861f3e7f21a6bebd7aba68d2846e78e8cdf59d21a0e9c66fe8
-
SHA512
661641e513be50bc7605dc012345aff9f774c60bf6f0f582aca2cb02b4ae1d3e3235a23da35ce74c031418bdb81899a2ce56e042e35182290c3133fce8526b76
-
SSDEEP
192:fKPF6DrrYB4SBmSxJikOPp3FD6/f5STQzt:fKPyrsBhUSTikOPp3B6pSTS
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_cfb.cp36-win32.pyd
-
Size
9KB
-
MD5
637f05e5c3187789f883d10947bf5ab0
-
SHA1
9c6e6e0cb51cf0d7e167e294b12923d0fba4f9f0
-
SHA256
9988f82ce6b08f8549f14ef9ecc5103b99bd4d6127cfe69b43062b6fd7867882
-
SHA512
6eead9c70f2cb0f6baabc4dd4272ef55436615a6d2124df7e7b1fd2b4d1309130bd9664b37c88032ef43474fa7a2042092056cac3d61d5a400bb3a2f19fb0098
-
SSDEEP
192:9HKDsZYh++d8s75VkO1XfcfKUiWpff5Sf66zth:941h6sVVkO1IUWpJSf68h
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_ctr.cp36-win32.pyd
-
Size
10KB
-
MD5
c6f2b48fdfd07bb89e7a0e2e81f59628
-
SHA1
5df13a12a45df5954acc6ceab84f6c23c48a87ed
-
SHA256
f0a817eb2a081bbec8b46665b237b22f4bf2f5aa7291d8afaa975d780fa74682
-
SHA512
7dab8721a69d4583c899ea6af4b573697ada2ee819e08d82fcacd29981c9a12e0c5090d752b3de9ac5505bbb9ef6a887f745e6ba9eb510b0e80a7b2333d70f42
-
SSDEEP
192:HF6DLjYe7ISB2SxJekOYKm8G8oLZG21eYpakV0f5STxztYK+K:HyLEe7RUSTekOHm8GrE21QU0ST7zF
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_des.cp36-win32.pyd
-
Size
49KB
-
MD5
bd1b8682f80e9a58b9334b7895d6bd30
-
SHA1
d366f36cfdda97ec421377518a84ee031ee4b678
-
SHA256
90cad86b69798c1005efeea497f80884a2dd26f59d6ed055a277b78174c406d3
-
SHA512
99bb84fed97711b4e077b79d817d929e747358fbdde710993e3229223481fe993e5b8b12acb2c83b9cb0c867711d799044016147da9f678648205a7b1d682f97
-
SSDEEP
384:S5GBgSyD/kOgC67L0LuFOrWL+c7gLOsLOeqLbALuaLrQLLL7gLOWh3rZbcSTVdYO:S5KryD/kbDSIOkHSnyHSnyvS1hGgVd
Score 3/10
-
-
Target
Cryptodome/Cipher/_raw_des3.cp36-win32.pyd
-
Size
49KB
-
MD5
c54b7e885365e65273a2eca03500341d
-
SHA1
cd40353958c46083484ae422b6267a731f766654
-
SHA256
98feecad4d5f70dc7a8c967519da65b593cad232a0f4ee810a49166250553ff3
-
SHA512
cfd8b07e7e74ce526c1a38d6908d2d19821179f43cebf3f47b3cf6d19a47cfa92ef95f393113193e31a7e26b9f75da19c9e0ebfe17def4475fc0e23d22d0c198
-
SSDEEP
384:SlGBgSyD/kOgd67L0LuFOrWL+c7gLOsLOeqLbALuaLrQLLL7gLOWhTrZOSTVBY/7:SlKryD/kbSSIOkHSnyHSnyvS1hkgVB
Score 3/10