General

  • Target

    90b45b764a3fda2bef831e704ef6cb39_JaffaCakes118

  • Size

    213KB

  • Sample

    240603-gawxlsee72

  • MD5

    90b45b764a3fda2bef831e704ef6cb39

  • SHA1

    b55a57bd68b68cc00ff9fedf8b3e84056b050dec

  • SHA256

    798df541871948548db8aa88b6e2956a456d84245396e61192c64522a3a034d2

  • SHA512

    3ee7c5a0dd07f7d7b852e0e276ba15b9847c161cdee0f5b591842d24516a1afef4c2870cf7b75468df74e0741989ff134eb9326b38ae8921b0e770bdbb66736f

  • SSDEEP

    3072:bDBB53SYJ5UDoLondNAqo1mmYamR/tRShdxf/X6CoKBY6:HBB53DPUlfo6B9tRUKCoB

Score
10/10

Targets

    • Target

      90b45b764a3fda2bef831e704ef6cb39_JaffaCakes118

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops file in System32 directory
