General

  • Target

    b1e4e224a68f1c131acb463f081e15dc_JaffaCakes118

  • Size

    2.3MB

  • Sample

    240821-dn8a1s1dkp

  • MD5

    b1e4e224a68f1c131acb463f081e15dc

  • SHA1

    8d3da2b7a864268e4c72f5a19ed2385eb8e07661

  • SHA256

    aaeb5e462e6f05bca832b0f5dbb5703770fec5f5e64fb0b11551699997a94485

  • SHA512

    319f0773b2ca5f4095db3f083d93e9bf5b6ca48655d8bc8814806a3a3c80467e3a9d8acd597f3f65648c3e622f47774e786d87e1b972292c62300ff5feca77fe

  • SSDEEP

    49152:Rw391uwDvCP0Uc2xmvALlT9L0YgMeYDzj42ZteBu:Y1uWi0R2xmvALpeYv

Score
7/10

Targets

    • Target

      b1e4e224a68f1c131acb463f081e15dc_JaffaCakes118

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
