a190817db0b96037545737db585c08bac0d1190fec83a454c23a85fad2e7df33 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

63fe01015f...18.exe

windows7-x64

7

63fe01015f...18.exe

windows10-2004-x64

7

Sharing

General

Target

63fe01015f4ceb19c9b64ad0bccc723b_JaffaCakes118
Size

214KB
Sample

240722-vdjncaxdjb
MD5

63fe01015f4ceb19c9b64ad0bccc723b
SHA1

cc2a9fb065871024e41c20dca051f3e416677c89
SHA256

a190817db0b96037545737db585c08bac0d1190fec83a454c23a85fad2e7df33
SHA512

5ec98e2215d88552af88ae5b0feaf8a0e390080e3150cfb20ce439fb0064f8ef2fe9c0b963de0e9cc6bc93f0cbdd4dc6950138e878005b8901c07a35438c40b5
SSDEEP

6144:hr8BPOXg3B5eDyV9/ZxoqiLB2wS4hcu8Fq:hr8PKgx5rV9/ZmLBy4IFq

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

63fe01015f4ceb19c9b64ad0bccc723b_JaffaCakes118.exe

Resource

win7-20240704-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

63fe01015f4ceb19c9b64ad0bccc723b_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  63fe01015f4ceb19c9b64ad0bccc723b_JaffaCakes118
- Size
  
  214KB
- MD5
  
  63fe01015f4ceb19c9b64ad0bccc723b
- SHA1
  
  cc2a9fb065871024e41c20dca051f3e416677c89
- SHA256
  
  a190817db0b96037545737db585c08bac0d1190fec83a454c23a85fad2e7df33
- SHA512
  
  5ec98e2215d88552af88ae5b0feaf8a0e390080e3150cfb20ce439fb0064f8ef2fe9c0b963de0e9cc6bc93f0cbdd4dc6950138e878005b8901c07a35438c40b5
- SSDEEP
  
  6144:hr8BPOXg3B5eDyV9/ZxoqiLB2wS4hcu8Fq:hr8PKgx5rV9/ZmLBy4IFq
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy