General
Target: c1ad7df6814f030923fd00c8d6def7f3_JaffaCakes118
Size: 2.7MB
Sample: 240825-1vnaraxdkd
MD5: c1ad7df6814f030923fd00c8d6def7f3
SHA1: ae59ec5b23291c08e48fc4055d4352d8eb90966d
SHA256: 04f05d238d56e3ec229e2610ad5f6e878e1c1ef697cc35f5e507d321beeaf191
SHA512: e7c589697b3cb14badec428875813e15979775fe8477e1eb9820bd618ffb8cf21de4d269cbd794d7988cafc0ed5092967a9b5dd7fc4e2829978a64c0e51fd5cd
SSDEEP: 49152:Z9XJmq5WGfdlp6UfCrBAWDfHOy//XwvNmceZYt4ZK4Stzm50MEpenMGpfc:nXokB/tCF9zR/XQwSwKlzM6eXc
Static task: static1
Behavioral task: behavioral1
Sample: c1ad7df6814f030923fd00c8d6def7f3_JaffaCakes118.exe
Resource: win7-20240729-en
Malware Config
Targets
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Enumerates processes with tasklist