General

  • Target

    2d542b5652e925caaf0499abfdf12b95_JaffaCakes118

  • Size

    37KB

  • Sample

    240708-wrz3xsthla

  • MD5

    2d542b5652e925caaf0499abfdf12b95

  • SHA1

    48348dabaeaf5290dddd179eda698f9462769e4f

  • SHA256

    17122aefaf6c07261ce14dc73369d458444c723b8cd96c9e4fed44fadd64452f

  • SHA512

    ea13c71b510e1089aa408c84ccbb4efeb4137be67221b95a342d25277ee68f385abb2fb656dc9b380f0163be0c5dd11c8e35677a69fff592999c493333501667

  • SSDEEP

    768:edIZ/alwuAknNWuCMQpb0ruFm1YqTrmHwbLyMy0:edILlknNU4rOobbLyn0

Score
7/10

Malware Config

Targets

    • Target

      2d542b5652e925caaf0499abfdf12b95_JaffaCakes118

    • Size

      37KB

    • MD5

      2d542b5652e925caaf0499abfdf12b95

    • SHA1

      48348dabaeaf5290dddd179eda698f9462769e4f

    • SHA256

      17122aefaf6c07261ce14dc73369d458444c723b8cd96c9e4fed44fadd64452f

    • SHA512

      ea13c71b510e1089aa408c84ccbb4efeb4137be67221b95a342d25277ee68f385abb2fb656dc9b380f0163be0c5dd11c8e35677a69fff592999c493333501667

    • SSDEEP

      768:edIZ/alwuAknNWuCMQpb0ruFm1YqTrmHwbLyMy0:edILlknNU4rOobbLyn0

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port (53) to servers other than the configured DNS servers was detected; this is typical of malware that uses its own hard-coded resolver rather than the system's.

    • Suspicious use of SetThreadContext
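The four signatures above are behavioural rules evaluated over the sandbox's event trace. The block below is an added illustration of that logic, not the sandbox's own signature engine: it defines each rule the way the signature names describe it (a "dropped" file is one written to disk by the sample's process tree, unexpected DNS is port-53 traffic to a non-configured resolver, and SetThreadContext is treated as suspicious only when it targets a thread in another process, the process-hollowing pattern) and runs them over a constructed event list. The event schema, the PIDs, the paths, the IP addresses and the configured resolver are all assumptions for the demonstration and are not taken from this sample.

```python
"""Illustrative re-implementation of the report's four behavioural signatures.
Added example code, not the sandbox's own engine; event schema and heuristics
are assumptions for the demonstration."""

# Constructed event trace (NOT captured from the real sample). Every event has a
# "type" plus the fields that type needs; PIDs and paths are arbitrary.
SAMPLE_PID = 1234
EVENTS = [
    {"type": "file_write", "pid": 1234, "path": r"C:\Users\Admin\AppData\Local\Temp\svchost.exe"},
    {"type": "file_write", "pid": 1234, "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"type": "process_create", "pid": 1234, "child_pid": 2345,
     "image": r"C:\Users\Admin\AppData\Local\Temp\svchost.exe"},
    {"type": "dll_load", "pid": 2345, "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"type": "dll_load", "pid": 2345, "path": r"C:\Windows\System32\kernel32.dll"},
    {"type": "net_conn", "pid": 2345, "proto": "udp", "dst_ip": "8.8.8.8", "dst_port": 53},
    {"type": "net_conn", "pid": 2345, "proto": "udp", "dst_ip": "203.0.113.7", "dst_port": 53},
    {"type": "net_conn", "pid": 2345, "proto": "tcp", "dst_ip": "198.51.100.20", "dst_port": 443},
    {"type": "api_call", "pid": 2345, "api": "SetThreadContext", "target_pid": 3456},
    {"type": "api_call", "pid": 2345, "api": "SetThreadContext", "target_pid": 2345},
]
# Resolver the analysis VM is configured to use (assumed value).
CONFIGURED_DNS = {"8.8.8.8"}


def dropped_files(events):
    """Paths written to disk by any process in the sample's process tree."""
    tree = {SAMPLE_PID}
    for e in events:
        if e["type"] == "process_create" and e["pid"] in tree:
            tree.add(e["child_pid"])
    return {e["path"].lower() for e in events
            if e["type"] == "file_write" and e["pid"] in tree}


def executes_dropped_exe(events):
    """Process creation whose image is a file the sample itself wrote."""
    dropped = dropped_files(events)
    return [e["image"] for e in events
            if e["type"] == "process_create" and e["image"].lower() in dropped]


def loads_dropped_dll(events):
    """DLL load whose path is a file the sample itself wrote."""
    dropped = dropped_files(events)
    return [e["path"] for e in events
            if e["type"] == "dll_load" and e["path"].lower() in dropped]


def unexpected_dns_destination(events, configured_dns):
    """Traffic on the DNS port (53, udp or tcp) to an address that is not a
    configured resolver. Caveat: DNS over HTTPS/TLS (443/853) is not covered."""
    return [(e["proto"], e["dst_ip"]) for e in events
            if e["type"] == "net_conn" and e["dst_port"] == 53
            and e["dst_ip"] not in configured_dns]


def suspicious_setthreadcontext(events):
    """SetThreadContext aimed at a thread in another process: the step that
    redirects a suspended child to injected code in process hollowing
    (assumed heuristic; same-process calls are ignored)."""
    return [(e["pid"], e["target_pid"]) for e in events
            if e["type"] == "api_call" and e["api"] == "SetThreadContext"
            and e["target_pid"] != e["pid"]]


def evaluate(events=EVENTS, configured_dns=CONFIGURED_DNS):
    """Map each signature name to its evidence, keeping only the ones that fired."""
    hits = {
        "Executes dropped EXE": executes_dropped_exe(events),
        "Loads dropped DLL": loads_dropped_dll(events),
        "Unexpected DNS network traffic destination":
            unexpected_dns_destination(events, configured_dns),
        "Suspicious use of SetThreadContext": suspicious_setthreadcontext(events),
    }
    return {name: evidence for name, evidence in hits.items() if evidence}


if __name__ == "__main__":
    for name, evidence in evaluate().items():
        print(f"[+] {name}: {evidence}")
```

On the constructed trace all four rules fire; the 8.8.8.8 query and the same-process SetThreadContext call are correctly left out, which is the point of keying the DNS rule on the configured resolver set and the injection rule on the caller/target PID mismatch rather than on the API name alone.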

MITRE ATT&CK Enterprise v15

Tasks