General
-
Target
80fbd38e5fc7bedb55e4fdcbc3270134_JaffaCakes118
-
Size
1.2MB
-
Sample
241031-bjyvnswckh
-
MD5
80fbd38e5fc7bedb55e4fdcbc3270134
-
SHA1
0c0d9533c1a0698e2e71839e92be1976bd567be6
-
SHA256
c9c5673f51113ac6e5fb74a477ff1b8b59e2382da935367facf882d25f64f0fc
-
SHA512
669a5745d27c16086afd2c53e5818db24d10d144b25984511994ce0e2802d46d4d5a1532a37094a05638d8cbc4a453334876f7bb2d79ed275dfb73d945281619
-
SSDEEP
24576:UrStFAHYiZgoBDFwQd4Wo71EaXmFFOQPONcTnq:Uqy41MOQd4Wo7unfTnq
Static task
static1
Behavioral task
behavioral1
Sample
80fbd38e5fc7bedb55e4fdcbc3270134_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
80fbd38e5fc7bedb55e4fdcbc3270134_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
80fbd38e5fc7bedb55e4fdcbc3270134_JaffaCakes118
Score
8/10
-
Server Software Component: Terminal Services DLL
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Deletes itself
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-