General
-
Target
f6c1d111f7e2c75ef85c13907e2494f6_JaffaCakes118
-
Size
91KB
-
Sample
240925-ypnyzsvcqn
-
MD5
f6c1d111f7e2c75ef85c13907e2494f6
-
SHA1
623fbe17416b75deee3f755d92d81ccb076c11f5
-
SHA256
970e9b13c1b89a77feaf2e476ac5f1202710e581048474546eaaf113464903b5
-
SHA512
d34556a84ef740e4217698a4e699a3b945db72d5d51421b376f9a6d9ffdcf922c85a03d2e265bec1003a00cf76c92b2990c1df694b25a581ec1b39c927f47e00
-
SSDEEP
1536:ZiDLG7z8p+SZjBHdEhIxBtS5Q5grdU3+kNS9Y/bmF6uIo6nX7mNeomBZzJ1J+B0q:ZifEzyPHdEaaQ5g2Ow2Y/bmF65NCNeon
Static task
static1
Behavioral task
behavioral1
Sample
f6c1d111f7e2c75ef85c13907e2494f6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f6c1d111f7e2c75ef85c13907e2494f6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f6c1d111f7e2c75ef85c13907e2494f6_JaffaCakes118
-
Size
91KB
-
MD5
f6c1d111f7e2c75ef85c13907e2494f6
-
SHA1
623fbe17416b75deee3f755d92d81ccb076c11f5
-
SHA256
970e9b13c1b89a77feaf2e476ac5f1202710e581048474546eaaf113464903b5
-
SHA512
d34556a84ef740e4217698a4e699a3b945db72d5d51421b376f9a6d9ffdcf922c85a03d2e265bec1003a00cf76c92b2990c1df694b25a581ec1b39c927f47e00
-
SSDEEP
1536:ZiDLG7z8p+SZjBHdEhIxBtS5Q5grdU3+kNS9Y/bmF6uIo6nX7mNeomBZzJ1J+B0q:ZifEzyPHdEaaQ5g2Ow2Y/bmF65NCNeon
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-