General

  • Target

    b6baa90bbe79fbe61626b3ced58307c3_JaffaCakes118

  • Size

    206KB

  • Sample

    240822-hmf8csxbll

  • MD5

    b6baa90bbe79fbe61626b3ced58307c3

  • SHA1

    0a5d08676fc4b2a179ca2f1ab661f230a4811715

  • SHA256

    88c540b78e2ad0e266d4a709be9591021644417c0334cde9aa08426037dca05a

  • SHA512

    fdf119cc7a994140611337ecb483de8e8b4ed98a849c290ffa3714db5a1cffe9800d110bf4d37933c86bb83d9457016905c94c5638c6af72304dcb7a0b21f14d

  • SSDEEP

    6144:lg8UOozovxNupaHjwGGHOJfSxiY7eWQn2:foaHctoSxDs2

Score
7/10

Malware Config

Targets

    • Target

      b6baa90bbe79fbe61626b3ced58307c3_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks