General
-
Target
25afa22d22a1aba6b3bc1fc2515b0ea3_JaffaCakes118
-
Size
244KB
-
Sample
241008-1ae4msscpc
-
MD5
25afa22d22a1aba6b3bc1fc2515b0ea3
-
SHA1
d5b87eb29ee867ae173cc8a5872208d3e55ba2ca
-
SHA256
a6a289746093f6fdf796182730aad23191710fdd456db16149ec5d2bb7e35878
-
SHA512
0dbcf12f0babc966b61d24db9a404dd0c54a14a9590dd0dadd28818b419f3343c8838b6cb23a0a7e353aa6345ebdff5a7ff28dd193719f7f081c746af1b6e6f9
-
SSDEEP
3072:cwJIp7cy+4+eW3s0cD6TtNpgSE0fn3Qx0hEqcmhBVjqeGoEqc9im/6TePHPmrCdX:cLJcyvEX7TtNSSE0fgxNW5ki89uCHB
Malware Config
Targets
-
-
Target
25afa22d22a1aba6b3bc1fc2515b0ea3_JaffaCakes118
-
Size
244KB
-
MD5
25afa22d22a1aba6b3bc1fc2515b0ea3
-
SHA1
d5b87eb29ee867ae173cc8a5872208d3e55ba2ca
-
SHA256
a6a289746093f6fdf796182730aad23191710fdd456db16149ec5d2bb7e35878
-
SHA512
0dbcf12f0babc966b61d24db9a404dd0c54a14a9590dd0dadd28818b419f3343c8838b6cb23a0a7e353aa6345ebdff5a7ff28dd193719f7f081c746af1b6e6f9
-
SSDEEP
3072:cwJIp7cy+4+eW3s0cD6TtNpgSE0fn3Qx0hEqcmhBVjqeGoEqc9im/6TePHPmrCdX:cLJcyvEX7TtNSSE0fgxNW5ki89uCHB
Score8/10-
Server Software Component: Terminal Services DLL
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-