General

  • Target

    046921c4ecde06ff83b50ce72ed32257_JaffaCakes118

  • Size

    320KB

  • Sample

    240620-kkaznsybmg

  • MD5

    046921c4ecde06ff83b50ce72ed32257

  • SHA1

    b8f91e69ab1d632d2bc450d2c36b9db560956afe

  • SHA256

    c53206c1a2aced8b30f030654f9f430542102547a3afb934643d70a0f922ec8a

  • SHA512

    9fb0595536d344444facc61f6d7abc10f8932c6799bc323e20a7316d2e7dd2d1984329228a38f497a350713f3bec592d2a651542a2794b46682cba57efda63e9

  • SSDEEP

    6144:qq6wzl1GCMsgICZnYNEwK/nzoJIGyxFNirwWSP/VlFI:qfwLG7jlfDNirwWS3FI

Score
8/10

Targets

    • Target

      046921c4ecde06ff83b50ce72ed32257_JaffaCakes118

    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
