General

  • Target

    5a2c9f5153217a25fd40fdc14204e2db_JaffaCakes118

  • Size

    609KB

  • Sample

    240719-dcjhhszajn

  • MD5

    5a2c9f5153217a25fd40fdc14204e2db

  • SHA1

    571dd33951e7b38de9056240a76438ec98980ffc

  • SHA256

    b8d58832928d8b6c055729914480858094ceba545da4018cb4ce5ea7ed10295d

  • SHA512

    1f2bbd5b3868343728839fe60f3cdd0a9d4fc40046d1ec831a7d7525b693b464ecc1074f7c91c6c439b2ad8fa8dc151561226a34f16033b8b42e40af2daaf97a

  • SSDEEP

    12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmhb:SUiL3yjXUlu0I7vitqUmyq+1pab

Score
10/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks