General
-
Target
3e375a3e6648d4698a2a1c07cbee04f6_JaffaCakes118
-
Size
346KB
-
Sample
240330-se4nssgf6w
-
MD5
3e375a3e6648d4698a2a1c07cbee04f6
-
SHA1
9bca8cddf2002efe155627571feb7a75874b948c
-
SHA256
0226c24778351c0e523f42b629f085bc3c1016100970b2a76d7c7fe122f69e33
-
SHA512
19ea7cc9c1e7492f86b934153e3e50509ca47090844c04802cc4c574577adeb7b694e96f6f4e76b1e83015bd8bd913fb321616b52e02eaf43a2093f9e3a6932e
-
SSDEEP
6144:MFLdy9Yvb94JUdC/l5rKUR4sJTH7zR6UW9Ac8ZJ1TLy:gXDGwC/llKU7JH7zR6U7/J1T
Static task
static1
Behavioral task
behavioral1
Sample
3e375a3e6648d4698a2a1c07cbee04f6_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
cryptbot
veobav12.top
morysl01.top
-
payload_url
http://tyngle01.top/download.php?file=lv.exe
Targets
-
Deletes itself
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-