General
-
Target
e0b564b03cae447695b0996537012ac8_JaffaCakes118
-
Size
1.5MB
-
Sample
240914-wehccawhlj
-
MD5
e0b564b03cae447695b0996537012ac8
-
SHA1
c917ca51f70bff66b0de973c4a40dc8b781f64ae
-
SHA256
15db545411aab11e01486bcbf51e87e6e0b07cf3fa5adcd406c0fa8b1d289567
-
SHA512
117741fdd222a3aa4fec117a9942e2eac0f77933c682df6d4321cf573418ff10d0b6a8bb368f8b792af0f480162c6e9809024997f0d7ee92d9d00a0e718ea26d
-
SSDEEP
24576:nthEVOPqLMa+OliuxClUC22WS5rwTUv5lk9EIoMnZ6mAYIqFYIAOQ7QDWwysKpG6:rEVAcvlK2g5rDf0VQqCIvgQKwApGmB7
Behavioral task
behavioral1
Sample
e0b564b03cae447695b0996537012ac8_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
e0b564b03cae447695b0996537012ac8_JaffaCakes118
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-