General
-
Target
79614c2110f224d0ef0bb674304ca2d2_JaffaCakes118
-
Size
791KB
-
Sample
241028-ngafhswjdw
-
MD5
79614c2110f224d0ef0bb674304ca2d2
-
SHA1
eb1f200aaeb480c9ed8c4e694e80efb27cb7db1f
-
SHA256
37c34bc3b886f0995b0ba57fec6d33eee5c98d200fddc2c50feeef10c51adf5e
-
SHA512
887ebba92b9d361467e5f26d478a6296e4405f8954a9ae69d38bf83372f5a1ab772aa2cc38f5b9305135aab527219209e9175936eccb25f31749fd0bbd5c28c7
-
SSDEEP
12288:OGoOiNM1QcKQkjLSKjrecrE5bglF2Yg5BeV9V8XpcXAD1u2F43md8ds7NZQmvS2t:OGwV17acI5bglsQ+5cwD1b40csYvg
Static task
static1
Behavioral task
behavioral1
Sample
79614c2110f224d0ef0bb674304ca2d2_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
79614c2110f224d0ef0bb674304ca2d2_JaffaCakes118
-
Size
791KB
-
MD5
79614c2110f224d0ef0bb674304ca2d2
-
SHA1
eb1f200aaeb480c9ed8c4e694e80efb27cb7db1f
-
SHA256
37c34bc3b886f0995b0ba57fec6d33eee5c98d200fddc2c50feeef10c51adf5e
-
SHA512
887ebba92b9d361467e5f26d478a6296e4405f8954a9ae69d38bf83372f5a1ab772aa2cc38f5b9305135aab527219209e9175936eccb25f31749fd0bbd5c28c7
-
SSDEEP
12288:OGoOiNM1QcKQkjLSKjrecrE5bglF2Yg5BeV9V8XpcXAD1u2F43md8ds7NZQmvS2t:OGwV17acI5bglsQ+5cwD1b40csYvg
-
Osiris family
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-