General

  • Target

    afbfb8ee1118aa89a519f72a9209d771_JaffaCakes118

  • Size

    68KB

  • Sample

    240820-spwe6sygja

  • MD5

    afbfb8ee1118aa89a519f72a9209d771

  • SHA1

    d61b263ddc1d60006d6312a2badaa2abc3c73f27

  • SHA256

    6a8b69b186425d99274e2f062cf6e4dba5d97626331708c2dc20c2e393b9db99

  • SHA512

    869698d78a22a3337d9c2e3a7ec64013d0441a8822351c306e7d4d36fdc7b1c2a9ae21cf998a06c26e1ab0058b10ce90928e1c1462c132938ca27e0166d93d9d

  • SSDEEP

    1536:r1BvK2hM46fGBCzSfNNI6yx8Hoh3eypmrYbwWoe:r1BvK7pmCzSlNILr7mrle

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks