General

  • Target

    74227f2c7fc61aac5209a70d0e2d68f0_JaffaCakes118

  • Size

    321KB

  • Sample

    240526-dh5myadc63

  • MD5

    74227f2c7fc61aac5209a70d0e2d68f0

  • SHA1

    f377c89df349ae25748f3e3331153072bb1db413

  • SHA256

    ed3b4804fc1a5797d9b41ffc46b4d22bfec200cd14abb3622c5a5c3aee982e91

  • SHA512

    ee5dbaeb4302f91186102ed4555f35916d41fd7ec9e1e5ea2a7501d452b95dc9acde380482398a34e1182f0d5d453a9567b719c196ae92ff595bb8ec4c46ff00

  • SSDEEP

    6144:ygoDzOaC7S+44QBIKtwP78Se8/Q4OhGqJlyncjQf:RaX+0ZtwzheHGqjqc

Score
10/10

Malware Config

Targets

    • Target

      74227f2c7fc61aac5209a70d0e2d68f0_JaffaCakes118

    Score
    10/10
    • Windows security bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
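The three behavioural signatures above are the kind of finding a detection engineer rebuilds from endpoint telemetry. The following is an added example, not part of this sandbox report or of the sandbox's own signature engine: it replays constructed Sysmon-style events (FileCreate, ProcessCreate, ImageLoad, DnsQuery) in time order and raises the same three findings. The event records, the dropped file names and the list of IP lookup domains are assumptions; the report does not say what the sample dropped or which lookup service it contacted.

```python
# Added example (not from the sandbox report): correlate Sysmon-style endpoint
# events into the three behaviours the report flags. Everything below is
# constructed for illustration; the sample's real dropped files and the IP
# lookup service it used are not stated in the report.
from collections import defaultdict

# Assumption: a short list of well-known external-IP lookup services. Matching
# is on the registered domain so api.ipify.org, ipinfo.io etc. are all caught.
IP_LOOKUP_DOMAINS = {
    "ipify.org", "ipinfo.io", "checkip.dyndns.org", "icanhazip.com",
    "ip-api.com", "whatismyip.com", "checkip.amazonaws.com", "ifconfig.me",
}

# Sysmon event IDs used here.
PROCESS_CREATE, IMAGE_LOAD, FILE_CREATE, DNS_QUERY = 1, 7, 11, 22

# Constructed event log (not captured from the sample). Fields mirror the
# Sysmon attributes a real query would pull: Image, TargetFilename,
# ImageLoaded, QueryName.
SAMPLE_EVENTS = [
    {"id": PROCESS_CREATE, "ts": 1, "pid": 1000, "image": r"C:\Users\Admin\sample.exe"},
    {"id": FILE_CREATE, "ts": 2, "pid": 1000, "target": r"C:\Users\Admin\AppData\Local\Temp\upd.exe"},
    {"id": FILE_CREATE, "ts": 3, "pid": 1000, "target": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"id": PROCESS_CREATE, "ts": 4, "pid": 1200, "image": r"C:\Users\Admin\AppData\Local\Temp\upd.exe"},
    {"id": IMAGE_LOAD, "ts": 5, "pid": 1200, "loaded": r"C:\Windows\System32\kernel32.dll"},
    {"id": IMAGE_LOAD, "ts": 6, "pid": 1200, "loaded": r"C:\Users\Admin\AppData\Local\Temp\HELPER.DLL"},
    {"id": DNS_QUERY, "ts": 7, "pid": 1200, "query": "api.ipify.org"},
    {"id": DNS_QUERY, "ts": 8, "pid": 1200, "query": "www.microsoft.com"},
]


def is_ip_lookup_domain(name):
    """True if `name` is one of the lookup services or a subdomain of one."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in IP_LOOKUP_DOMAINS)


def correlate(events):
    """Replay events in time order; return {signature: [(pid, path_or_domain), ...]}.

    'Dropped' means a file this trace saw being written (FileCreate) before it
    was executed or loaded. Paths are compared case-insensitively because NTFS is.
    """
    dropped = set()
    hits = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["id"] == FILE_CREATE:
            dropped.add(ev["target"].lower())
        elif ev["id"] == PROCESS_CREATE and ev["image"].lower() in dropped:
            hits["Executes dropped EXE"].append((ev["pid"], ev["image"]))
        elif ev["id"] == IMAGE_LOAD and ev["loaded"].lower() in dropped:
            hits["Loads dropped DLL"].append((ev["pid"], ev["loaded"]))
        elif ev["id"] == DNS_QUERY and is_ip_lookup_domain(ev["query"]):
            hits["Looks up external IP address via web service"].append((ev["pid"], ev["query"]))
    return dict(hits)


if __name__ == "__main__":
    for sig, evidence in correlate(SAMPLE_EVENTS).items():
        print(sig)
        for pid, what in evidence:
            print(f"    pid {pid}: {what}")
```

The ordering check matters: a binary that was executed before the trace saw it written is not "dropped" in this trace, so a real pipeline should start the file-create window at the sample's own process creation, as the constructed log does.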

MITRE ATT&CK Enterprise v15

Tasks