General

  • Target

    0450cf37e2dd4058563f73f6ca7940e5_JaffaCakes118

  • Size

    434KB

  • Sample

    240622-24lc7ashll

  • MD5

    0450cf37e2dd4058563f73f6ca7940e5

  • SHA1

    c7c0d5c274eadf534eea3203e6c026258144c68e

  • SHA256

    da767e6faf97d73997f397eae71b372a549dd6331bf8ec0ebd398ef8cfe9a47e

  • SHA512

    2d48fe05f18934808609d121e2dff8596016406002f221d90154903b09b40d409f805aba51ed8801ae572f20e1005fc104d83ead4b05eeab7ea39c8063a06ef3

  • SSDEEP

    12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK95OTTsx/SA/WegYfdNbrqnuz:rXh6XcBXo8TsL8Y8m4OTTySA/DrfdNb1

Score
10/10

Targets

    • Target

      0450cf37e2dd4058563f73f6ca7940e5_JaffaCakes118

    Score
    10/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.
