General

  • Target

    6116d7b6c499555813824aa3aec4da92_JaffaCakes118

  • Size

    33KB

  • Sample

    240721-x5376stbmj

  • MD5

    6116d7b6c499555813824aa3aec4da92

  • SHA1

    ee80bea9d85389216fe89e05a95016145aa9b0ff

  • SHA256

    46ad239521341607995d631c2edd4d149071bb4e3243a350b799453f7db3db66

  • SHA512

    933f70841bb82b00bb9cdcb349fa23eaf24605855b50ad4f57377d678b51784e7c8ec02e78fefa4bdda0bd1e150b8ed9384e659c2134b2c8d3f757f21de99854

  • SSDEEP

    768:7lIGpJ3bZy1SAP6Cb2ye/w4UbDN3jKgUjIjQ0+GtmZuAZonc:5xJLY1SAyQ2yGwRzhIGtvc

Score
7/10

Targets

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
