Overview

overview

7

Static

static

3

42bd14baef...18.exe

windows7-x64

7

42bd14baef...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    42bd14baef9db5d40b24579442de44c5_JaffaCakes118

  • Size

    39KB

  • Sample

    240713-whytha1dmn

  • MD5

    42bd14baef9db5d40b24579442de44c5

  • SHA1

    9576038c3486865c97c8b2d81658ebecf54e2649

  • SHA256

    a31ff52f945d5fabbfe58190078464966ae01023fcd861566c8524039107b0ba

  • SHA512

    47b1ef437459337a6a45fdf1e8cbdf070fe8684e5e152785245cd725fe9e336611ffae83ba4b46dc2021502566f7589f1da57c7bdc7bb3d91099ce2fc07fd8b9

  • SSDEEP

    768:F91dZKJxVZ897jK2JlET8OaHnPQ2AZUOtH602DALdAEllz6x6nr:3RIxU97ZYaogOB2DAyE+x6nr

Score
7/10

Malware Config

Targets

    • Target

      42bd14baef9db5d40b24579442de44c5_JaffaCakes118

    • Size

      39KB

    • MD5

      42bd14baef9db5d40b24579442de44c5

    • SHA1

      9576038c3486865c97c8b2d81658ebecf54e2649

    • SHA256

      a31ff52f945d5fabbfe58190078464966ae01023fcd861566c8524039107b0ba

    • SHA512

      47b1ef437459337a6a45fdf1e8cbdf070fe8684e5e152785245cd725fe9e336611ffae83ba4b46dc2021502566f7589f1da57c7bdc7bb3d91099ce2fc07fd8b9

    • SSDEEP

      768:F91dZKJxVZ897jK2JlET8OaHnPQ2AZUOtH602DALdAEllz6x6nr:3RIxU97ZYaogOB2DAyE+x6nr

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks