General

  • Target

    90eeed0624377283c4051f75e3752494_JaffaCakes118

  • Size

    352KB

  • Sample

    240603-h511gsha76

  • MD5

    90eeed0624377283c4051f75e3752494

  • SHA1

    309c7b29bce527e92ee4a51a207a6f7967070a0a

  • SHA256

    66f68b678e8adbe4f0dddf5bc435a5f841b7e8a9ede2392759ee28dac6fcf639

  • SHA512

    f3cbf83a71c3d3309e37cd5613b0df2939b204adecf20e0f7421123aa4952db3fe7a294dbeeb5130e517bd15df1f7d17928d206b8ab104c5ac85410e9925011c

  • SSDEEP

    6144:eheZwrQeInRlw/TCrxrzIJcwTnkNmWfT/fLUrgnGXHWWCcZouA0ZlyHpEZ/hsojq:zyTo48BYpwiiThgDmoL

Score
10/10

Malware Config

Targets

    • Target

      90eeed0624377283c4051f75e3752494_JaffaCakes118

    Score
    10/10

    • Windows security bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks