General
-
Target
0847131e3c0b10cb86932d8fbd8de8c8_JaffaCakes118
-
Size
446KB
-
Sample
241002-bz74aavaqa
-
MD5
0847131e3c0b10cb86932d8fbd8de8c8
-
SHA1
3fbd528d14e9fe373e6081579a8b6ec4a6b57716
-
SHA256
eb43035b49f871547343655754fc84af36c519deef8d57d650ab0a203013e1f4
-
SHA512
12af6bfcf0981040f0c73b7bbbba8ba470a5b741eb986b092708e825509a918ac6c3011d407e402749295793e46c2f464b4f9c09c9cb50ea6aed7c4666c30095
-
SSDEEP
6144:kpUP3aUlHxCfu0PdTCLJ3QsyWrdgk6nbUuEuqg7UP/1SaWRmv:g8xCfvdT83QNIzwvqg7UP/8a
Static task
static1
Behavioral task
behavioral1
Sample
0847131e3c0b10cb86932d8fbd8de8c8_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0847131e3c0b10cb86932d8fbd8de8c8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
0847131e3c0b10cb86932d8fbd8de8c8_JaffaCakes118
-
Score
8/10
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-