General
-
Target
08350d5087b6df64ebfd9f4f8c532ea4_JaffaCakes118
-
Size
94KB
-
Sample
241002-bl45gazcnq
-
MD5
08350d5087b6df64ebfd9f4f8c532ea4
-
SHA1
a5effcc2919d2b0043795034e9c8eb27fb23bceb
-
SHA256
b05797ed3e7696c4996aac47d2185c65692d0139c137e9a08ed80b25b7eba5fd
-
SHA512
7e9262a3ee36012c483ae9eb79bb1fcaca5f0b1fdabe37bead75895e5f716f66fe6b0b3eea749ebfc43f631a4055bbe1e90ded180fd58f57538bb90033874e29
-
SSDEEP
768:zyIwQJYM3srWqaVC+HKvu1rrnQe22IR7WHJ8Fjh7hQzTGfL7YmcZn5mmZn:zyIwQJYZW14+q21rjTW/zQkOv
Static task
static1
Behavioral task
behavioral1
Sample
08350d5087b6df64ebfd9f4f8c532ea4_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
08350d5087b6df64ebfd9f4f8c532ea4_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: griptoloji
Password: 741852
Targets
-
-
Target
08350d5087b6df64ebfd9f4f8c532ea4_JaffaCakes118
-
Score
10/10
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-