982568fb61e27b7f208c1570ee1b11593c9892187b5ef8a41697ed516dcf838f | Triage

Submit
Reports

Overview

overview

Static

static

5

693d168782...18.exe

windows7-x64

693d168782...18.exe

windows10-2004-x64

Sharing

General

Target

693d16878296d10d4609d9f9c277babd_JaffaCakes118
Size

1.2MB
Sample

240523-bgn8fsga96
MD5

693d16878296d10d4609d9f9c277babd
SHA1

8944a160cb223b3998ed95fbe8c2a3a5c5993eef
SHA256

982568fb61e27b7f208c1570ee1b11593c9892187b5ef8a41697ed516dcf838f
SHA512

4a8f808d864b38abf6330091d2519130a26074d1b2924b02cdbc9a646e4b6f49da6c9b13c069f161a546c666e62cc08391f2fa4306ca07147ad0cf76ee3f7ce0
SSDEEP

24576:nAHnh+eWsN3skA4RV1Hom2KXMmHae3h/BhURGV/K5ajc5:ah+ZkldoPK8YaeR/nUhaO

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

693d16878296d10d4609d9f9c277babd_JaffaCakes118.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

693d16878296d10d4609d9f9c277babd_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
91.121.121.25
Port:
21
Username:
k1
Password:
6E4o4U7d6E4o4U7d

Targets

- Target
  
  693d16878296d10d4609d9f9c277babd_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  693d16878296d10d4609d9f9c277babd
- SHA1
  
  8944a160cb223b3998ed95fbe8c2a3a5c5993eef
- SHA256
  
  982568fb61e27b7f208c1570ee1b11593c9892187b5ef8a41697ed516dcf838f
- SHA512
  
  4a8f808d864b38abf6330091d2519130a26074d1b2924b02cdbc9a646e4b6f49da6c9b13c069f161a546c666e62cc08391f2fa4306ca07147ad0cf76ee3f7ce0
- SSDEEP
  
  24576:nAHnh+eWsN3skA4RV1Hom2KXMmHae3h/BhURGV/K5ajc5:ah+ZkldoPK8YaeR/nUhaO
Score

10^/10
- Executes dropped EXE
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy