General
-
Target
6da39313a03c88b3f1af1654faffab64_JaffaCakes118
-
Size
85KB
-
Sample
241023-hyqk6syhmr
-
MD5
6da39313a03c88b3f1af1654faffab64
-
SHA1
6082763139828f692ccc7ea06d46dbbe7d6794ee
-
SHA256
b44ae97a44a8bf3a060e91929a76cb7f90964c767430a112aec866583fe547f1
-
SHA512
b7e3b38f5fc148b0f1b0ceb4713cb9639337444753945b7a0b5288502654ae8ae13873b0b6833e54bf643b40bd847a92608240bbccda342b435ffe9cd8e69fd4
-
SSDEEP
1536:5HcCnNTr0e+DelaCFcxKen/wFnToIfHTR7r5JkNT89mFp0zA+V/R8O:5HcQ0e+Dcen/wtTBfHTR7r5JkNT89mPy
Malware Config
Targets
-
-
Target
6da39313a03c88b3f1af1654faffab64_JaffaCakes118
-
Size
85KB
-
MD5
6da39313a03c88b3f1af1654faffab64
-
SHA1
6082763139828f692ccc7ea06d46dbbe7d6794ee
-
SHA256
b44ae97a44a8bf3a060e91929a76cb7f90964c767430a112aec866583fe547f1
-
SHA512
b7e3b38f5fc148b0f1b0ceb4713cb9639337444753945b7a0b5288502654ae8ae13873b0b6833e54bf643b40bd847a92608240bbccda342b435ffe9cd8e69fd4
-
SSDEEP
1536:5HcCnNTr0e+DelaCFcxKen/wFnToIfHTR7r5JkNT89mFp0zA+V/R8O:5HcQ0e+Dcen/wtTBfHTR7r5JkNT89mPy
Score8/10-
Server Software Component: Terminal Services DLL
-
Deletes itself
-
Loads dropped DLL
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-