a02371171ed13a03f2c9346ad920860c82ba1a585675deab3e0e0ed5ca18de43 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

4338856e24...18.exe

windows7-x64

7

4338856e24...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

4338856e24e777ed5f97f52c7daea926_JaffaCakes118
Size

206KB
Sample

240713-y8lyqswcmn
MD5

4338856e24e777ed5f97f52c7daea926
SHA1

2aa5c4357076a5a09e654bab1be2594b1348fd8d
SHA256

a02371171ed13a03f2c9346ad920860c82ba1a585675deab3e0e0ed5ca18de43
SHA512

a1215f319501e2b5e9f8e58e84768f6f851d739262774dcdb30520950c5de6cce13b8e881cc6d524bfa62dcb910247f783b48fe76386a5a17213fabad688d288
SSDEEP

3072:ZTGCNnKpsTYBFK30sG5kHVPehPbJqcAuAyc9MCCjupw5gDz0QI2Kj:ZTZxKOwY3iaHdrycSCaz5pQI2

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4338856e24e777ed5f97f52c7daea926_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

4338856e24e777ed5f97f52c7daea926_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  4338856e24e777ed5f97f52c7daea926_JaffaCakes118
- Size
  
  206KB
- MD5
  
  4338856e24e777ed5f97f52c7daea926
- SHA1
  
  2aa5c4357076a5a09e654bab1be2594b1348fd8d
- SHA256
  
  a02371171ed13a03f2c9346ad920860c82ba1a585675deab3e0e0ed5ca18de43
- SHA512
  
  a1215f319501e2b5e9f8e58e84768f6f851d739262774dcdb30520950c5de6cce13b8e881cc6d524bfa62dcb910247f783b48fe76386a5a17213fabad688d288
- SSDEEP
  
  3072:ZTGCNnKpsTYBFK30sG5kHVPehPbJqcAuAyc9MCCjupw5gDz0QI2Kj:ZTZxKOwY3iaHdrycSCaz5pQI2
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy