22d5447cace450971bac1055cac836686691a30e31880dbf1e66acd0c7c4e2df | Triage

Submit
Reports

Overview

overview

Static

static

3

69151a11fa...18.exe

windows7-x64

69151a11fa...18.exe

windows10-2004-x64

Sharing

General

Target

69151a11fa04f698816a2e4b36a34f58_JaffaCakes118
Size

1.3MB
Sample

240523-ab6d4seb93
MD5

69151a11fa04f698816a2e4b36a34f58
SHA1

93a7d4537f7b34105a2d5f59564dc9327ef2a072
SHA256

22d5447cace450971bac1055cac836686691a30e31880dbf1e66acd0c7c4e2df
SHA512

1dbbe3129bafb15cbb526e6f15e5ad64beedb5733fad6e064e66d1d298f86dd5383f4951f7652c51bbeb53ceb537510fef8be5e18fbb5a670f5672c967e4cf4f
SSDEEP

24576:IGk69IS0rw4pP9p41GXbT7koeZRh0NIVIg8EwpsQ35gdn5H7/bPwEjHly3H:Xkjrl341GHQo40WSg8EwsQ35gdnp7TPL

Score

10^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

69151a11fa04f698816a2e4b36a34f58_JaffaCakes118.exe

Resource

win7-20231129-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

69151a11fa04f698816a2e4b36a34f58_JaffaCakes118.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
195.210.46.67
Port:
21
Username:
focuseye_wp
Password:
focuseye_33213!

Targets

- Target
  
  69151a11fa04f698816a2e4b36a34f58_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  69151a11fa04f698816a2e4b36a34f58
- SHA1
  
  93a7d4537f7b34105a2d5f59564dc9327ef2a072
- SHA256
  
  22d5447cace450971bac1055cac836686691a30e31880dbf1e66acd0c7c4e2df
- SHA512
  
  1dbbe3129bafb15cbb526e6f15e5ad64beedb5733fad6e064e66d1d298f86dd5383f4951f7652c51bbeb53ceb537510fef8be5e18fbb5a670f5672c967e4cf4f
- SSDEEP
  
  24576:IGk69IS0rw4pP9p41GXbT7koeZRh0NIVIg8EwpsQ35gdn5H7/bPwEjHly3H:Xkjrl341GHQo40WSg8EwsQ35gdnp7TPL
Score

10^/10
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy