General

  • Target

    3451d9d8f0da469742c75c39e8a87fb4_JaffaCakes118

  • Size

    45KB

  • Sample

    240710-mcm1dathkc

  • MD5

    3451d9d8f0da469742c75c39e8a87fb4

  • SHA1

    207287c578c4eed2cfd6672aaf4fb989a083cf3e

  • SHA256

    160fa176f7a224c67426e68a32a9d1b5c94a9cb88878084efb6c94e6b57ee19a

  • SHA512

    8cc1abe1a0bfc3af0e9724876e1b7e6377436b2fbe40e3326fe4c6c29acc9d9a96b28d83826d60048da71616383e68a1913fe6968ac8e2649e801f472a8f4a5e

  • SSDEEP

    768:X323i/5MqKWo+CBe0dyvumWGpgIZ/jjPFjwUMaJiApGHNb6mBv:Ii/5MtWo+C80UcGpR/jjPpaSiApGtWsv

Score
7/10

Targets

    • Target

      3451d9d8f0da469742c75c39e8a87fb4_JaffaCakes118

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
