General
-
Target
dc3972c33695c275ef2d46e8ca6bac6b_JaffaCakes118
-
Size
168KB
-
Sample
240912-m8jb3ashje
-
MD5
dc3972c33695c275ef2d46e8ca6bac6b
-
SHA1
d21fd1ccd03d32ea935ff46e6ec6c02bd2af3006
-
SHA256
b57f37c359c50c19f8d29999a989f9cca27a5e4c8cbd646722391813ded5d87e
-
SHA512
cc3211f0a8549624bead68b741896878d4d257a9057c3674364feed58d56c42e9259bc962f3b94affa9ac96f11aee7932e9e1e1001b9d7249849bf03d91acecd
-
SSDEEP
3072:H1N1vsLAEKLHyy4xZttFXmFuBwEdy1N5ie7MVoMJVoJsevSTEkLdkJZdIGdYOMD:1sLAEaHyygZJlBNyjBMqMJB0SQ4kJZd6
Malware Config
Targets
-
-
Target
dc3972c33695c275ef2d46e8ca6bac6b_JaffaCakes118
-
Size
168KB
-
MD5
dc3972c33695c275ef2d46e8ca6bac6b
-
SHA1
d21fd1ccd03d32ea935ff46e6ec6c02bd2af3006
-
SHA256
b57f37c359c50c19f8d29999a989f9cca27a5e4c8cbd646722391813ded5d87e
-
SHA512
cc3211f0a8549624bead68b741896878d4d257a9057c3674364feed58d56c42e9259bc962f3b94affa9ac96f11aee7932e9e1e1001b9d7249849bf03d91acecd
-
SSDEEP
3072:H1N1vsLAEKLHyy4xZttFXmFuBwEdy1N5ie7MVoMJVoJsevSTEkLdkJZdIGdYOMD:1sLAEaHyygZJlBNyjBMqMJB0SQ4kJZd6
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-