General
Target: 9674c4fe3167c97db765424d59420bfa_JaffaCakes118
Size: 213KB
Sample: 240814-rqq2eaxaqe
MD5: 9674c4fe3167c97db765424d59420bfa
SHA1: 30f87e0c60b09938798cb92d0f17bda9118797f9
SHA256: db92dd1cecdcb4629ddb590312c22e91e82dc7a426e6c9c1aeb7a6760a96dc49
SHA512: ed7523c70eb6ab921b590c6545036e68a39cbf0b5e6b1d91e434c342624ecaefb85cd6d6266975c4dbe223c40d76b0286ec513ca10ed0edea3a951675204ff8b
SSDEEP: 3072:ZzjxtgrKRtymH0ZHyRihD5rMRlj6m1mFHL2KuAPQybwueStV5bj0Y9yV7z2QuE5l:dVtnRAmUZHyT6rDuTIySZsBzyES525F
Static task: static1
Behavioral task: behavioral1
Sample: 9674c4fe3167c97db765424d59420bfa_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 9674c4fe3167c97db765424d59420bfa_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 9674c4fe3167c97db765424d59420bfa_JaffaCakes118
Score: 7/10
Deletes itself
Executes dropped EXE
Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Drops desktop.ini file(s)
Suspicious use of SetThreadContext