General

  • Target

    ab0607d7ef231619cdcb0c4f70a0ded4_JaffaCakes118

  • Size

    38KB

  • Sample

    240819-pnd8qaxdln

  • MD5

    ab0607d7ef231619cdcb0c4f70a0ded4

  • SHA1

    ab6d2d1710b4bfa59f27262106af3fd162840a66

  • SHA256

    5037f32dd5fab545d51c2253bb4cd2d3e20a4bf838ae2eafd1a46541af00f396

  • SHA512

    350f0ebdd784d3422caff0c1c5eb6d9a42c398ad560c411487ba81da7e39155754438b76543b14eef3047ecb69ee915d2675d33c4b0856681298940a51b8d0ae

  • SSDEEP

    768:gF75Qu6d+I5m5XzrJCIp3ptMDW5cxsNxUtJqlP+:4aUXQI9wDW5XN6t8W

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

      The sample writes an executable to disk during the run and launches it. The dropped file is usually the more interesting artifact and should be collected and hashed separately.

    • Loads dropped DLL

      A DLL written to disk during the run is loaded into a process.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port (53). This typically means a hard-coded resolver or a host contacted directly on port 53, a pattern seen in DNS-based command-and-control and tunnelling; benign software that ships its own resolver addresses also triggers it, so treat it as an indicator rather than proof.

    • Suspicious use of SetThreadContext

      SetThreadContext overwrites the register state of a thread, including its instruction pointer. Outside of debuggers it is rarely needed, and it is a standard step in process hollowing and related injection techniques (ATT&CK T1055, Process Injection).
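The "Unexpected DNS network traffic destination" signature above is a simple flow-level check. The following is an added example, not the sandbox's own signature code, showing how such a check is implemented: the resolver addresses and flow records are constructed for illustration, and the Flow record layout is an assumption.

```python
"""Flag DNS-port traffic that bypasses the configured resolvers.

Added example modelled on the sandbox signature "Unexpected DNS network
traffic destination"; it is not the sandbox's own code. The resolver
addresses and flow records below are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address

DNS_PORT = 53


@dataclass(frozen=True)
class Flow:
    """One network flow as a sandbox might record it (assumed layout)."""
    proto: str   # "udp" or "tcp"
    src: str
    dst: str
    dport: int


# Resolvers the analysis VM was configured with (constructed values).
CONFIGURED_RESOLVERS = frozenset({"10.0.2.3", "fd00::3"})

# Constructed flow records: two lookups to the configured resolvers, one
# hard-coded public resolver, one TCP/53 connection to a non-resolver host,
# and unrelated HTTPS traffic that must not be flagged.
SAMPLE_FLOWS = [
    Flow("udp", "10.0.2.15", "10.0.2.3", 53),
    Flow("udp", "10.0.2.15", "8.8.8.8", 53),
    Flow("tcp", "10.0.2.15", "203.0.113.7", 53),
    Flow("tcp", "10.0.2.15", "198.51.100.20", 443),
    Flow("udp", "10.0.2.15", "fd00::3", 53),
]


def unexpected_dns_destinations(flows, resolvers=CONFIGURED_RESOLVERS):
    """Return sorted, distinct (proto, dst) pairs that talk to port 53 but
    are not configured resolvers.

    Addresses are normalised through ipaddress so that e.g. "FD00::3" and
    "fd00::3" compare equal. Both UDP and TCP are checked: DNS tunnelling
    and oversized responses routinely use TCP/53, and a UDP-only rule
    would miss them.
    """
    allowed = {ip_address(r) for r in resolvers}
    hits = set()
    for f in flows:
        if f.dport != DNS_PORT:
            continue
        dst = ip_address(f.dst)
        if dst not in allowed:
            hits.add((f.proto, str(dst)))
    return sorted(hits)


def signature_fires(flows, resolvers=CONFIGURED_RESOLVERS):
    """True when at least one flow would trigger the signature."""
    return bool(unexpected_dns_destinations(flows, resolvers))


if __name__ == "__main__":
    for proto, dst in unexpected_dns_destinations(SAMPLE_FLOWS):
        print(f"unexpected DNS destination: {proto}/{DNS_PORT} -> {dst}")
```

On the constructed flows this reports the public resolver and the TCP/53 host and stays silent on the configured resolvers and the HTTPS flow. In a real analysis VM the resolver set should be taken from the VM's network configuration (or the simulated network's fake resolver), otherwise every lookup is flagged.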

MITRE ATT&CK Enterprise v15