General

  • Target

    4647bc3cb996ddc6daee76665b4ba2d6_JaffaCakes118

  • Size

    110KB

  • Sample

    240714-r5ypssxbrh

  • MD5

    4647bc3cb996ddc6daee76665b4ba2d6

  • SHA1

    0e73f53e23f47e6b4bb6f37869b4f5a448758859

  • SHA256

    8eb2a376ab5ff63812ff684e4d4ad87a301f4ff84cd3e8cc3d027ea8ca0c309e

  • SHA512

    9cb4db872efdbb194f0319858c45ca38562e2142ee4d73a92eae7028efaf64799e26ecf82d64430f518a6e3fac87541b36093db6311c6201ca08e072d21ca28e

  • SSDEEP

    1536:dTKdhmMFi+lokn0CcuQpuv0Ix0vkHWR8ceQDxeOg:dT8cUi20DuQpKnsMkrBg

Score
7/10

Malware Config

Targets

    • Target

      4647bc3cb996ddc6daee76665b4ba2d6_JaffaCakes118

    Score
    7/10
    • Executes dropped EXE

      An executable written to disk during the analysis run was subsequently started as a process.

    • Loads dropped DLL

      A DLL written to disk during the analysis run was loaded into a process.

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) was sent to a server other than the DNS server(s) configured for the analysis machine. A hard-coded resolver produces this; so does DNS being used as a covert channel, so the destination is worth checking before the sample's domains are trusted as ordinary lookups.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state, including its instruction pointer. Malware commonly combines it with a process created suspended and WriteProcessMemory for process hollowing or code injection, so the call is worth correlating with the dropped EXE above.
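The four signatures above are simple rules over a sandbox's raw event stream. The Python below is an added example, not code from this report or from the sandbox that produced it, showing how each signature can be reconstructed from a constructed event log (pids, paths, IP addresses and the configured resolver 10.0.0.2 are all assumptions). The SetThreadContext rule is narrowed to cross-process calls, the process-hollowing pattern; the report does not say which condition its signature uses.

```python
"""Re-derive the report's behaviour signatures from a constructed sandbox event log."""

# Assumed: the analysis VM is configured to use this resolver only.
CONFIGURED_DNS = {"10.0.0.2"}
DNS_PORT = 53
SAMPLE = r"C:\Users\Admin\AppData\Local\Temp\4647bc3cb996ddc6daee76665b4ba2d6_JaffaCakes118.exe"

# Constructed events in chronological order (flat dicts keyed by "kind").
EVENTS = [
    {"kind": "file_write", "pid": 1000, "image": SAMPLE, "path": r"C:\Users\Admin\AppData\Local\Temp\svc.exe"},
    {"kind": "file_write", "pid": 1000, "image": SAMPLE, "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"kind": "process_create", "pid": 1100, "ppid": 1000, "image": r"C:\Users\Admin\AppData\Local\Temp\svc.exe"},
    {"kind": "image_load", "pid": 1100, "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"kind": "image_load", "pid": 1100, "path": r"C:\Windows\System32\kernel32.dll"},
    {"kind": "process_create", "pid": 1200, "ppid": 1100, "image": r"C:\Windows\System32\svchost.exe"},
    {"kind": "api_call", "pid": 1100, "api": "SetThreadContext", "target_pid": 1200},
    {"kind": "api_call", "pid": 1100, "api": "SetThreadContext", "target_pid": 1100},
    {"kind": "net_flow", "pid": 1200, "proto": "udp", "dst": "10.0.0.2", "dport": 53},
    {"kind": "net_flow", "pid": 1200, "proto": "udp", "dst": "8.8.8.8", "dport": 53},
    {"kind": "net_flow", "pid": 1200, "proto": "tcp", "dst": "203.0.113.7", "dport": 443},
]


def dropped_files(events):
    """Paths written to disk during the run; compared case-insensitively (NTFS semantics)."""
    return {e["path"].lower() for e in events if e["kind"] == "file_write"}


def executes_dropped_exe(events):
    """Process creations whose image is a file the run itself wrote."""
    dropped = dropped_files(events)
    return [e for e in events if e["kind"] == "process_create" and e["image"].lower() in dropped]


def loads_dropped_dll(events):
    """Image loads of a file the run itself wrote."""
    dropped = dropped_files(events)
    return [e for e in events if e["kind"] == "image_load" and e["path"].lower() in dropped]


def unexpected_dns_destination(events, configured=CONFIGURED_DNS):
    """Port-53 flows to anything other than the configured resolver(s)."""
    return [
        e for e in events
        if e["kind"] == "net_flow" and e["dport"] == DNS_PORT and e["dst"] not in configured
    ]


def suspicious_set_thread_context(events):
    """SetThreadContext on a thread owned by another process (assumed hollowing/injection pattern)."""
    return [
        e for e in events
        if e["kind"] == "api_call" and e["api"] == "SetThreadContext" and e["target_pid"] != e["pid"]
    ]


def triage(events):
    """Map each signature name to its supporting events, omitting signatures that did not fire."""
    rules = {
        "Executes dropped EXE": executes_dropped_exe,
        "Loads dropped DLL": loads_dropped_dll,
        "Unexpected DNS network traffic destination": unexpected_dns_destination,
        "Suspicious use of SetThreadContext": suspicious_set_thread_context,
    }
    return {name: hits for name, rule in rules.items() if (hits := rule(events))}


if __name__ == "__main__":
    for name, hits in triage(EVENTS).items():
        print(f"[{name}]")
        for hit in hits:
            print("   ", hit)
```

Run stand-alone, the script lists every signature with the events that fired it; changing CONFIGURED_DNS to include 8.8.8.8 silences the DNS rule, which is the check to make before treating that finding as malicious rather than as a sandbox configuration artefact.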

MITRE ATT&CK Enterprise v15

Tasks