General

  • Target

    fac63fb2b66c2d3dad732c3b466a7f90_JaffaCakes118

  • Size

    506KB

  • Sample

    240419-vn594aba31

  • MD5

    fac63fb2b66c2d3dad732c3b466a7f90

  • SHA1

    f20f95f7f544e2b703b99aadd5467cd190825617

  • SHA256

    42f26bd9b68d14944b50280c443651fd4a80a17dfa4c61bf1b6a81e40ac8f3df

  • SHA512

    8d4036757b72722da2996bf12248a4df8b81fc579457ce8210c9d8c646c95eab887860bbfb2daa1a9bec9b2d75b317193cbef7a586678765d79a53929f1df444

  • SSDEEP

    12288:4NpSp+jGRfbGgMAkIduGiXO47VLWiAJRWxZWTjLr5MNnJ+i9lw:4NpxjiRMAkSuG6O+YEqjLVMRRm

Score
7/10

Malware Config

Targets

    • Target

      fac63fb2b66c2d3dad732c3b466a7f90_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks