9ecb3312056e92bf0409cd13e02e1f89e1500931d9afce56c38fc99b536ae895 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

7606196808...18.exe

windows7-x64

7

7606196808...18.exe

windows10-2004-x64

7

Sharing

General

Target

7606196808b374e180c20c15fe3a6d7b_JaffaCakes118
Size

284KB
Sample

240726-2j8mzsyhlj
MD5

7606196808b374e180c20c15fe3a6d7b
SHA1

14416ef9877f7cdd7c95fa887fc0dff8faffd693
SHA256

9ecb3312056e92bf0409cd13e02e1f89e1500931d9afce56c38fc99b536ae895
SHA512

e78bd425db86a009908d7b99c06402f3e94e36190c251c89e7288560ace854d47bdd8cb6298f86ffaff0ac7b42cdcb4ad9f33ef77040a266e854156bdf3bfbda
SSDEEP

6144:ygiKRwlc8ZPsoYqvyUCqSI8zVrBCsOtPKP/3smwLr:ygiKRwlc8ZtYVUCqSI8zVroTM/3Ur

Score

7^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7606196808b374e180c20c15fe3a6d7b_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

7606196808b374e180c20c15fe3a6d7b_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  7606196808b374e180c20c15fe3a6d7b_JaffaCakes118
- Size
  
  284KB
- MD5
  
  7606196808b374e180c20c15fe3a6d7b
- SHA1
  
  14416ef9877f7cdd7c95fa887fc0dff8faffd693
- SHA256
  
  9ecb3312056e92bf0409cd13e02e1f89e1500931d9afce56c38fc99b536ae895
- SHA512
  
  e78bd425db86a009908d7b99c06402f3e94e36190c251c89e7288560ace854d47bdd8cb6298f86ffaff0ac7b42cdcb4ad9f33ef77040a266e854156bdf3bfbda
- SSDEEP
  
  6144:ygiKRwlc8ZPsoYqvyUCqSI8zVrBCsOtPKP/3smwLr:ygiKRwlc8ZtYVUCqSI8zVroTM/3Ur
Score

7^/10

discovery
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Uses the VBS compiler for execution
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy