General
Target: f5b33469af85cf10776322b32b552d15_JaffaCakes118
Size: 45KB
Sample: 240925-ldyyla1aph
MD5: f5b33469af85cf10776322b32b552d15
SHA1: dce6d408a741d70ffb09c873a2f45fb115abfe8b
SHA256: 477cc9e2f60a66872f5bae9d03d01d63bca4e31ad111af4c2abe17aa5fe04c0c
SHA512: 4f81a13eb1e0afd33f3750766ddabd8ff3677f3b758aa16b822bb41fb281abac5f684608fb71e138706bfcc44eac059e510ea2d6ba32386fa22fe5073e1bbc09
SSDEEP: 768:X323i/5MqKWo+CBe0dyvumWGpgIZ/jjPFjwUMaJiApGHNb6mBE:Ii/5MtWo+C80UcGpR/jjPpaSiApGtWsE
Static task: static1
Behavioral task: behavioral1
Sample: f5b33469af85cf10776322b32b552d15_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f5b33469af85cf10776322b32b552d15_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: f5b33469af85cf10776322b32b552d15_JaffaCakes118
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Suspicious use of SetThreadContext