General
-
Target
172383c3b0a9f851de29e332741e25fa_JaffaCakes118
-
Size
355KB
-
Sample
241005-ljqt6sscja
-
MD5
172383c3b0a9f851de29e332741e25fa
-
SHA1
532d7212989e6226cb6b819a6fb3965231dd6860
-
SHA256
a7442b4318f1e9ffee8d66c4ada22603d7dc7703cffcc159821c5d9434b9c3bb
-
SHA512
4f98208108da184ca1f7b65fb23cea1eedd3e0710689b27297b9b56082cc54b8f80f704ae7deb44cb8c37c0dcb42896358dece7cb3a28f551587a834583a4d16
-
SSDEEP
6144:iMuKUF4fi3HOc13mVad5g34FGhnhKb5EoCWtR2PdGlXyk96kAD:WF4mHIcy4Fgn0b5MDPdGd
Static task
static1
Behavioral task
behavioral1
Sample
172383c3b0a9f851de29e332741e25fa_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
172383c3b0a9f851de29e332741e25fa_JaffaCakes118
-
Modifies firewall policy service
-
Modifies security service
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-