General

  • Target

    2a0a98c10d2ffe382037d8d094fc7a82_JaffaCakes118

  • Size

    68KB

  • Sample

    240707-2prlnazepk

  • MD5

    2a0a98c10d2ffe382037d8d094fc7a82

  • SHA1

    b7d96a113d4b4716e98db42a5207cfc6e221ec88

  • SHA256

    d1dfb9192b9f5415b4834c7b3e6629b89223c164d3a30dee4cec0281e3c775fb

  • SHA512

    a430a1c27862846b6054648abce7e06230706783ab9f418f2663a91faa1e3ac79cfede5230f79b4aa96f66399df8366eaf219f977af97c5b077b39f0a5503134

  • SSDEEP

    1536:r1BvK2hM46fGBCzSfNNI6yx8Hoh3eypmrYbwWoX:r1BvK7pmCzSlNILr7mrlX

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks