General
-
Target
f606ff67b8ef236ddcf70a5b7f532a45_JaffaCakes118
-
Size
36KB
-
Sample
240925-pr1k5ayend
-
MD5
f606ff67b8ef236ddcf70a5b7f532a45
-
SHA1
e944d84504a26fd1fc512b6bde20cd6366f42de3
-
SHA256
3e78c8d0194d606e448b1eb0640a1c0fbbf0cd93593e22eb71c65b6b77a1f1c8
-
SHA512
f5caeaa01a66c081ee0acd345a4db916f6dc6f05a7a6c29fe6591033d9f94607c47833cd15302cbe5719e9a26dcb24a351bf67e4133e43c220ce3ddcd7c764a5
-
SSDEEP
768:QATJxFQM1+Bw8JrV4UYW50z4C6AXTzM7WyjiTa:QA3cBw8JrydM7W7W
Malware Config
Targets
-
-
Target
f606ff67b8ef236ddcf70a5b7f532a45_JaffaCakes118
-
Size
36KB
-
MD5
f606ff67b8ef236ddcf70a5b7f532a45
-
SHA1
e944d84504a26fd1fc512b6bde20cd6366f42de3
-
SHA256
3e78c8d0194d606e448b1eb0640a1c0fbbf0cd93593e22eb71c65b6b77a1f1c8
-
SHA512
f5caeaa01a66c081ee0acd345a4db916f6dc6f05a7a6c29fe6591033d9f94607c47833cd15302cbe5719e9a26dcb24a351bf67e4133e43c220ce3ddcd7c764a5
-
SSDEEP
768:QATJxFQM1+Bw8JrV4UYW50z4C6AXTzM7WyjiTa:QA3cBw8JrydM7W7W
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-