General
-
Target
d251730e23a403160d0fa09469f71479_JaffaCakes118
-
Size
1.8MB
-
Sample
240907-tjd5dasanl
-
MD5
d251730e23a403160d0fa09469f71479
-
SHA1
a6f9458dd6ed866cb496b5fa1e0995c7a1fa5871
-
SHA256
509104b6ee0a520836011cfd451b8f56ca95b2c3cc351f184ff1a24981e67a68
-
SHA512
f906fc4e3c53310b7ebdf9d3b0313e7d4eda7faa615c2f43822e90a22c8f65e8ba1051db22291122f5b2dc8934ddb7a3d47105fd5c7db9c93b6be29c4062b0aa
-
SSDEEP
49152:4GILDcO/fsBmLjRw6qpZmBZWyLaXMXWasQHoT1I:4GUQO/fsiR6vmBNLfmdX
Static task
static1
Behavioral task
behavioral1
Sample
d251730e23a403160d0fa09469f71479_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d251730e23a403160d0fa09469f71479_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d251730e23a403160d0fa09469f71479_JaffaCakes118
-
Score
10/10
-
Expiro payload
-
Executes dropped EXE
-
Loads dropped DLL
-
System Binary Proxy Execution: Rundll32
Abuse Rundll32 to proxy execution of malicious code.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-