General
-
Target
cc629e5d6fabb0da8f46ecb5d667113d_JaffaCakes118
-
Size
3.1MB
-
Sample
241206-lzv4ts1qht
-
MD5
cc629e5d6fabb0da8f46ecb5d667113d
-
SHA1
ce1084782c077756fb43a1056cfcfdd80182f54e
-
SHA256
c0503c54556ba129ef04f224cec3c985e7d17f7e39a4574cbd553a67902ec689
-
SHA512
c54ca9ed01b007fc4abc0d72c77253ac2d8802882841a43226764b1fd46e4a1873158d04b396c3b82381fa806abc27cfb6b7778668c656afa53afc6d7c539a4a
-
SSDEEP
49152:jitOd4k7ydepSSPIZDscC+QZKDVdfu315:jiK4IIZYfZKDVQF5
Static task
static1
Behavioral task
behavioral1
Sample
cc629e5d6fabb0da8f46ecb5d667113d_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
cc629e5d6fabb0da8f46ecb5d667113d_JaffaCakes118
-
Size
3.1MB
-
MD5
cc629e5d6fabb0da8f46ecb5d667113d
-
SHA1
ce1084782c077756fb43a1056cfcfdd80182f54e
-
SHA256
c0503c54556ba129ef04f224cec3c985e7d17f7e39a4574cbd553a67902ec689
-
SHA512
c54ca9ed01b007fc4abc0d72c77253ac2d8802882841a43226764b1fd46e4a1873158d04b396c3b82381fa806abc27cfb6b7778668c656afa53afc6d7c539a4a
-
SSDEEP
49152:jitOd4k7ydepSSPIZDscC+QZKDVdfu315:jiK4IIZYfZKDVQF5
-
Osiris family
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-