Overview

overview

7

Static

static

3

2c895daa47...18.exe

windows7-x64

7

2c895daa47...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c895daa47e7e14a23935dc9977b9491_JaffaCakes118

  • Size

    171KB

  • Sample

    240708-qswh8s1ejm

  • MD5

    2c895daa47e7e14a23935dc9977b9491

  • SHA1

    748d0dc60566249d69987301ee1ecd799cc42009

  • SHA256

    d09c5319728bbf63a9d015b51c66cede117c3f7b6c6288afa1ec96e8bcb7c989

  • SHA512

    0dab10fd5616b7096514205c732dc9e3c57f1f1789cc1cde1427f363d844657bcfd3e4115ea39eb95fcd228b9208846eb9391df52b86a14d7f45114d35e3bd31

  • SSDEEP

    3072:AHC7Azgo4qRXDPSsw5c1blU4VwUvFn6CWgpU9DbYKF8g+1t/HuHa/lmM:eMo42XOb5YxN+UNn6VgpEM88l1tvcmlm

Score
7/10

Malware Config

Targets

    • Target

      2c895daa47e7e14a23935dc9977b9491_JaffaCakes118

    • Size

      171KB

    • MD5

      2c895daa47e7e14a23935dc9977b9491

    • SHA1

      748d0dc60566249d69987301ee1ecd799cc42009

    • SHA256

      d09c5319728bbf63a9d015b51c66cede117c3f7b6c6288afa1ec96e8bcb7c989

    • SHA512

      0dab10fd5616b7096514205c732dc9e3c57f1f1789cc1cde1427f363d844657bcfd3e4115ea39eb95fcd228b9208846eb9391df52b86a14d7f45114d35e3bd31

    • SSDEEP

      3072:AHC7Azgo4qRXDPSsw5c1blU4VwUvFn6CWgpU9DbYKF8g+1t/HuHa/lmM:eMo42XOb5YxN+UNn6VgpEM88l1tvcmlm

    Score
    7/10

    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks