General
-
Target
a76cbfd3cb9d45ba7169ff5ef44f7b66_JaffaCakes118
-
Size
244KB
-
Sample
240818-t7264stbjd
-
MD5
a76cbfd3cb9d45ba7169ff5ef44f7b66
-
SHA1
1367f4b354d692a59e4b497287b0bd6543070449
-
SHA256
186353ee7570bb5e5b36be12aff294f5f2ed80c702a40893fe290f716d0ad96b
-
SHA512
73fe5dba90c4a01bc5294d69d78bc84a239bd0864e1856ef3f2112c0a5b47b501e57d584c9b42786b36f9888eea76c7d37d48cf50e4dfe3e798d3faee0318a18
-
SSDEEP
6144:rvShLzLeOy+QL+80iNU9O4T23umnaZOrdoyEnrh2:ehTpQ3U9O4T2+T9
Malware Config
Targets
-
-
Target
a76cbfd3cb9d45ba7169ff5ef44f7b66_JaffaCakes118
-
Size
244KB
-
MD5
a76cbfd3cb9d45ba7169ff5ef44f7b66
-
SHA1
1367f4b354d692a59e4b497287b0bd6543070449
-
SHA256
186353ee7570bb5e5b36be12aff294f5f2ed80c702a40893fe290f716d0ad96b
-
SHA512
73fe5dba90c4a01bc5294d69d78bc84a239bd0864e1856ef3f2112c0a5b47b501e57d584c9b42786b36f9888eea76c7d37d48cf50e4dfe3e798d3faee0318a18
-
SSDEEP
6144:rvShLzLeOy+QL+80iNU9O4T23umnaZOrdoyEnrh2:ehTpQ3U9O4T2+T9
Score8/10-
Server Software Component: Terminal Services DLL
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-