General
Target: db3634519c2d504f67f0ac5518d4c208_JaffaCakes118
Size: 312KB
Sample: 241209-ycjhqsymav
MD5: db3634519c2d504f67f0ac5518d4c208
SHA1: 752eaa1a95d1179ac825119d27c006ddeda41d6b
SHA256: 69d7973f1002d543c7e1935b95a4493ec29d0c21d3dc5e50d2f477868a914f70
SHA512: 3cca550e3fc9360f97b04c64172daface1e2a5f2b6508fc141f15214bf9e668a88e81ed487b40d926a944e0c71d35f2f97fb2066a66dfb4dab2f264410b6d751
SSDEEP: 6144:JEeHlmxEW0qLFWfs/ZnGWvAljyyqI7rRgdixjTwa/RxJg:JTgTZWk/oWvARy9oRxHY
Static task: static1
Behavioral task: behavioral1
  Sample: db3634519c2d504f67f0ac5518d4c208_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: db3634519c2d504f67f0ac5518d4c208_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: db3634519c2d504f67f0ac5518d4c208_JaffaCakes118
Score: 10/10
Chinese_generic_botnet family
Generic Chinese Botnet: A botnet originating from China which is currently unnamed publicly.
Chinese Botnet payload
Executes dropped EXE
Adds Run key to start application
Drops file in System32 directory