General
-
Target
9f00532b6824512f8f245cb789c71161_JaffaCakes118
-
Size
175KB
-
Sample
241126-bmxf1swncw
-
MD5
9f00532b6824512f8f245cb789c71161
-
SHA1
829de6891ca10c638c9ac075a77b1bf06ca63646
-
SHA256
a22940dcfdf7cf05b6afc69d3fe6441761c96555fbcaed9d8cf006a400435101
-
SHA512
80e79a4ff68bd35bd73bf338410a021787f839ddf8de51f417b88ff0862d30d4b20e3605b53119af933c6cad888a78e4f0016e31202679d9f3f538d417dea30b
-
SSDEEP
3072:wup2r6y7Mz/Ovm0JqoX+GfKfNFIv/b0y4kohJJR0zspPYG4Z+iN60v:wuU2lCmlm+GYNev/b0y5qJJR0zspT0v
Malware Config
Targets
-
-
Target
9f00532b6824512f8f245cb789c71161_JaffaCakes118
-
Size
175KB
-
MD5
9f00532b6824512f8f245cb789c71161
-
SHA1
829de6891ca10c638c9ac075a77b1bf06ca63646
-
SHA256
a22940dcfdf7cf05b6afc69d3fe6441761c96555fbcaed9d8cf006a400435101
-
SHA512
80e79a4ff68bd35bd73bf338410a021787f839ddf8de51f417b88ff0862d30d4b20e3605b53119af933c6cad888a78e4f0016e31202679d9f3f538d417dea30b
-
SSDEEP
3072:wup2r6y7Mz/Ovm0JqoX+GfKfNFIv/b0y4kohJJR0zspPYG4Z+iN60v:wuU2lCmlm+GYNev/b0y5qJJR0zspT0v
Score10/10-
Modifies firewall policy service
-
Modifies security service
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-