e4f11dbd7a741894a9a2fe88edfb862d78f6f2b86a59a313dc81bd4cfd2bbd6e | Triage

Submit
Reports

Overview

overview

7

Static

static

3

a56ec0f9bd...18.exe

windows7-x64

7

a56ec0f9bd...18.exe

windows10-2004-x64

7

Sharing

General

Target

a56ec0f9bd46f921f65e4f6e598e5ed0_JaffaCakes118
Size

180KB
Sample

240818-fcssaswdjb
MD5

a56ec0f9bd46f921f65e4f6e598e5ed0
SHA1

76d0746a181d08d6741ac40ee9576dc5e422ed25
SHA256

e4f11dbd7a741894a9a2fe88edfb862d78f6f2b86a59a313dc81bd4cfd2bbd6e
SHA512

5216c64414eae3dbe53eceac0dd49d9638defc8ada96924545f267aaa706b988d472f8952e5ebfded91353eeb416e5479277c7322ca6bf24d268bffe685f50bb
SSDEEP

3072:qpqcso4npSggsWPAR3O46TUMmUtDlBXA/Ky7YiNLfHujx00B5B+RfT9RFrfHOSGK:+qcsokpSg9WIp6TDmaTA/TseLfOfHBGV

Score

7^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a56ec0f9bd46f921f65e4f6e598e5ed0_JaffaCakes118.exe

Resource

win7-20240704-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

a56ec0f9bd46f921f65e4f6e598e5ed0_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  a56ec0f9bd46f921f65e4f6e598e5ed0_JaffaCakes118
- Size
  
  180KB
- MD5
  
  a56ec0f9bd46f921f65e4f6e598e5ed0
- SHA1
  
  76d0746a181d08d6741ac40ee9576dc5e422ed25
- SHA256
  
  e4f11dbd7a741894a9a2fe88edfb862d78f6f2b86a59a313dc81bd4cfd2bbd6e
- SHA512
  
  5216c64414eae3dbe53eceac0dd49d9638defc8ada96924545f267aaa706b988d472f8952e5ebfded91353eeb416e5479277c7322ca6bf24d268bffe685f50bb
- SSDEEP
  
  3072:qpqcso4npSggsWPAR3O46TUMmUtDlBXA/Ky7YiNLfHujx00B5B+RfT9RFrfHOSGK:+qcsokpSg9WIp6TDmaTA/TseLfOfHBGV
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy