0a1f2621b58e3e5fae881db92e2441bca2e8b0077df7e3a74defd1e694e85bff | Triage

Submit
Reports

Overview

overview

7

Static

static

3

005d20edcc...18.exe

windows7-x64

7

005d20edcc...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

005d20edcc90e9234e3b42a893b7f7af_JaffaCakes118
Size

216KB
Sample

240619-zbl3xazgqh
MD5

005d20edcc90e9234e3b42a893b7f7af
SHA1

6c924e1522c349b791b0ae1e7a3e799ae3035136
SHA256

0a1f2621b58e3e5fae881db92e2441bca2e8b0077df7e3a74defd1e694e85bff
SHA512

90a5f2ae7857e194baa9590ec4f3824ce913dd8b514c964ec34939cb4bf8f37cb7e1e56aa6299ca882f2478c8d4f26a54fb549ef6ef5439a5c81c9cabc8fbd05
SSDEEP

3072:Qdvyk8v4e7lXJj7iV7wMcIFbEym6YrDnfqav1R7a/C:9k8QeZVIw54EBjD71RW/C

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

005d20edcc90e9234e3b42a893b7f7af_JaffaCakes118.exe

Resource

win7-20231129-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

005d20edcc90e9234e3b42a893b7f7af_JaffaCakes118.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  005d20edcc90e9234e3b42a893b7f7af_JaffaCakes118
- Size
  
  216KB
- MD5
  
  005d20edcc90e9234e3b42a893b7f7af
- SHA1
  
  6c924e1522c349b791b0ae1e7a3e799ae3035136
- SHA256
  
  0a1f2621b58e3e5fae881db92e2441bca2e8b0077df7e3a74defd1e694e85bff
- SHA512
  
  90a5f2ae7857e194baa9590ec4f3824ce913dd8b514c964ec34939cb4bf8f37cb7e1e56aa6299ca882f2478c8d4f26a54fb549ef6ef5439a5c81c9cabc8fbd05
- SSDEEP
  
  3072:Qdvyk8v4e7lXJj7iV7wMcIFbEym6YrDnfqav1R7a/C:9k8QeZVIw54EBjD71RW/C
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy