General
-
Target
afbfb8ee1118aa89a519f72a9209d771_JaffaCakes118
-
Size
68KB
-
Sample
240820-spwe6sygja
-
MD5
afbfb8ee1118aa89a519f72a9209d771
-
SHA1
d61b263ddc1d60006d6312a2badaa2abc3c73f27
-
SHA256
6a8b69b186425d99274e2f062cf6e4dba5d97626331708c2dc20c2e393b9db99
-
SHA512
869698d78a22a3337d9c2e3a7ec64013d0441a8822351c306e7d4d36fdc7b1c2a9ae21cf998a06c26e1ab0058b10ce90928e1c1462c132938ca27e0166d93d9d
-
SSDEEP
1536:r1BvK2hM46fGBCzSfNNI6yx8Hoh3eypmrYbwWoe:r1BvK7pmCzSlNILr7mrle
Static task
static1
Behavioral task
behavioral1
Sample
afbfb8ee1118aa89a519f72a9209d771_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
afbfb8ee1118aa89a519f72a9209d771_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
afbfb8ee1118aa89a519f72a9209d771_JaffaCakes118
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-