5ac4203ef35328e00be8cdece3c8d68238b5e2142236785043b9084ed6d355d4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc0414cc94082bbb57c0e488dc27be00_JaffaCakes118
Size

35KB
Sample

240420-f1q9dahe67
MD5

fc0414cc94082bbb57c0e488dc27be00
SHA1

f291a237da85ace828baf9b88d72e1f975474a40
SHA256

5ac4203ef35328e00be8cdece3c8d68238b5e2142236785043b9084ed6d355d4
SHA512

c08ec70ed977c2f11ca82d384ab2af3b3b03696d7b0f10bb2486088f1ed9b0c58e89139c95f74f3135433eef9ad44015b6059d1311de5a048f91153d39495a00
SSDEEP

768:h39hQGdB38mbWbtZ82KbQ46faEHrMUyIGyYYi/LgDeIPE:F9hzdexj8N6CELMUyhe+LrIP

Score

7^/10

Malware Config

Targets

- Target
  
  fc0414cc94082bbb57c0e488dc27be00_JaffaCakes118
- Size
  
  35KB
- MD5
  
  fc0414cc94082bbb57c0e488dc27be00
- SHA1
  
  f291a237da85ace828baf9b88d72e1f975474a40
- SHA256
  
  5ac4203ef35328e00be8cdece3c8d68238b5e2142236785043b9084ed6d355d4
- SHA512
  
  c08ec70ed977c2f11ca82d384ab2af3b3b03696d7b0f10bb2486088f1ed9b0c58e89139c95f74f3135433eef9ad44015b6059d1311de5a048f91153d39495a00
- SSDEEP
  
  768:h39hQGdB38mbWbtZ82KbQ46faEHrMUyIGyYYi/LgDeIPE:F9hzdexj8N6CELMUyhe+LrIP
Score

7^/10
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2