General
-
Target
88d0d0f3c6835adb7bffb76c03ce5658_JaffaCakes118
-
Size
609KB
-
Sample
240811-dysy3sxbkh
-
MD5
88d0d0f3c6835adb7bffb76c03ce5658
-
SHA1
53c7d88e668b7f390f1619e2e7167dbf6927ba99
-
SHA256
421431196e59bc772ef66f510328fd35f8d699da2fd76539126403508226c0e3
-
SHA512
636f5895772a8aea0d61d77dd9af569a7dc58fa8209dda5d9668bbf4cada98b05be226079880b8e8f3e44b3129b1498f532e493050517dff511c0a789c0de819
-
SSDEEP
12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmh/:SUiL3yjXUlu0I7vitqUmyq+1pa/
Behavioral task
behavioral1
Sample
88d0d0f3c6835adb7bffb76c03ce5658_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-