dc0608935f79beb922a0efa492e21a9dc0a44000286a8c7edc66a58f556dd7d4 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

30a8f25fe1...18.exe

windows7-x64

7

30a8f25fe1...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

30a8f25fe1654c03311d3342ed98dae0_JaffaCakes118
Size

31KB
Sample

240709-q9d1hsxcjq
MD5

30a8f25fe1654c03311d3342ed98dae0
SHA1

a2480d12b0bd336fca632321120ced18a2832914
SHA256

dc0608935f79beb922a0efa492e21a9dc0a44000286a8c7edc66a58f556dd7d4
SHA512

9f5e54a37e987fc684a20020e6ff3eaab647b2f0695813f1e7bd725bf3edb7860b357b1337074aa34a159cab35ea972dbff72b06265ff9aa34781d31f6dc13ae
SSDEEP

768:f4vnZKEH8AYJl66if4PB68vqMaK96MvJfO:fWPcLl1if2TXaS6M

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

30a8f25fe1654c03311d3342ed98dae0_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

30a8f25fe1654c03311d3342ed98dae0_JaffaCakes118.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  30a8f25fe1654c03311d3342ed98dae0_JaffaCakes118
- Size
  
  31KB
- MD5
  
  30a8f25fe1654c03311d3342ed98dae0
- SHA1
  
  a2480d12b0bd336fca632321120ced18a2832914
- SHA256
  
  dc0608935f79beb922a0efa492e21a9dc0a44000286a8c7edc66a58f556dd7d4
- SHA512
  
  9f5e54a37e987fc684a20020e6ff3eaab647b2f0695813f1e7bd725bf3edb7860b357b1337074aa34a159cab35ea972dbff72b06265ff9aa34781d31f6dc13ae
- SSDEEP
  
  768:f4vnZKEH8AYJl66if4PB68vqMaK96MvJfO:fWPcLl1if2TXaS6M
Score

7^/10
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy