General

  • Target

    ba0b6a45c23b575ca6e62d459f8a5b3b_JaffaCakes118

  • Size

    177KB

  • Sample

    240823-c56m3s1epc

  • MD5

    ba0b6a45c23b575ca6e62d459f8a5b3b

  • SHA1

    3785e343325b465012cc89fe6245c3fc42148c74

  • SHA256

    93f4e86929e197c80e392d9728e35b59218501602e81ce8798f08ef05fae8bb4

  • SHA512

    a150888c641ad38d32dd33646ed02e967edb9ba2b97aeb1d2c46a2d12e7a49ca87cb75cb93e3147a15dbade22f51045e7f5fc679ef1110335e8fe3efa82fe911

  • SSDEEP

    3072:qpqcso4npSggsWPAR3O46TUMmUtDlBXA/Ky7YiNLfHujx00B5B+RfT9RFrfHOSGs:+qcsokpSg9WIp6TDmaTA/TseLfOfHBG7
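Before detonating or sharing a copy of this sample, check that the file you obtained is the one the report describes. The following is an added example (not part of the report and not Triage's code) that recomputes the four cryptographic digests listed above, compares them against the reported values, and splits the SSDEEP signature into its block size and the two chunk strings. Only the digest values are taken from the report; the file path and the `EMPTY_FILE` digests used for the self-check are the example's own. Prefer SHA-256 or SHA-512 as the authoritative match: MD5 and SHA-1 are collision-prone and should be treated as convenience identifiers only.

```python
import hashlib

# Digests exactly as listed in the report above.
REPORTED = {
    "md5": "ba0b6a45c23b575ca6e62d459f8a5b3b",
    "sha1": "3785e343325b465012cc89fe6245c3fc42148c74",
    "sha256": "93f4e86929e197c80e392d9728e35b59218501602e81ce8798f08ef05fae8bb4",
    "sha512": "a150888c641ad38d32dd33646ed02e967edb9ba2b97aeb1d2c46a2d12e7a49ca"
              "87cb75cb93e3147a15dbade22f51045e7f5fc679ef1110335e8fe3efa82fe911",
}
REPORTED_SSDEEP = ("3072:qpqcso4npSggsWPAR3O46TUMmUtDlBXA/Ky7YiNLfHujx00B5B+RfT9RFrfHOSGs"
                   ":+qcsokpSg9WIp6TDmaTA/TseLfOfHBG7")

# Well-known digests of a zero-length input, used only for a self-check (constructed).
EMPTY_FILE = {
    "md5": "d41d8cd98f00b204e9800998ecf8427e",
    "sha1": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
}


def digests(data: bytes, algos=("md5", "sha1", "sha256", "sha512")) -> dict:
    """Hash one byte string with every requested algorithm in a single pass."""
    hashers = {name: hashlib.new(name) for name in algos}
    # Feed in 64 KiB slices so the same loop works for large files.
    for off in range(0, len(data), 65536):
        chunk = data[off:off + 65536]
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify(data: bytes, expected: dict) -> dict:
    """Map each expected algorithm to True/False depending on whether the
    recomputed digest matches (case-insensitive hex)."""
    actual = digests(data, tuple(expected))
    return {name: actual[name] == value.lower() for name, value in expected.items()}


def verify_file(path: str, expected: dict = REPORTED) -> dict:
    """Read a file from disk and verify it against the report's digests."""
    with open(path, "rb") as fh:
        return verify(fh.read(), expected)


def parse_ssdeep(signature: str):
    """Split 'blocksize:chunk:double_chunk' into (int, str, str).
    Two signatures are only comparable if their block sizes are equal or
    differ by a factor of two."""
    block, chunk, double_chunk = signature.split(":", 2)
    return int(block), chunk, double_chunk


if __name__ == "__main__":
    # Hypothetical path; replace with the copy you downloaded.
    print(verify_file(r"samples/ba0b6a45c23b575ca6e62d459f8a5b3b_JaffaCakes118"))
    print(parse_ssdeep(REPORTED_SSDEEP))
```

A result of `sha256: False` with `md5: True` would mean the file was deliberately crafted to collide on MD5, so the function reports every algorithm separately rather than collapsing them into one verdict.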

Score
7/10

Malware Config

Targets

    • Target

      ba0b6a45c23b575ca6e62d459f8a5b3b_JaffaCakes118

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) was sent to servers other than the DNS resolvers configured in the sandbox. This is a common sign of a hard-coded resolver or of DNS being used as a covert channel, and the destination addresses are worth extracting as indicators.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

      SetThreadContext on a suspended thread is the usual way to redirect execution into injected code (process hollowing or thread hijacking). The signature fires on the API call alone; confirming what was written into the target process needs the process dump or API trace from the task.
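The signatures above are behavioural rules evaluated over the sandbox's event stream. The following is an added example (not Triage's signature code) that re-implements four of them over a small, constructed set of file, process and network events: a dropped file that is later executed, a desktop.ini write, DNS-port traffic to a resolver other than the configured one, and deletion of a process image that ran during the task. The event shapes, the paths, the process IDs, the addresses and the configured resolver are all assumptions; the "Suspicious use of SetThreadContext" rule is left out because it needs an API-call trace rather than file or network events.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    kind: str           # "proc_create", "file_write", "file_delete" or "net"
    pid: int            # process that performed the action
    path: str = ""      # image path for proc_create, file path for file_*
    dst_ip: str = ""    # net events only
    dst_port: int = 0   # net events only


# Constructed sandbox trace (hypothetical paths, PIDs and addresses).
SAMPLE_IMAGE = r"C:\Users\Admin\AppData\Local\Temp\sample.exe"
DROPPED_EXE = r"C:\Users\Admin\AppData\Roaming\svc.exe"
EVENTS = [
    Event("proc_create", 1000, SAMPLE_IMAGE),
    Event("file_write", 1000, DROPPED_EXE),
    Event("file_write", 1000, r"C:\Users\Admin\Desktop\desktop.ini"),
    Event("proc_create", 1020, DROPPED_EXE),
    Event("net", 1020, dst_ip="8.8.8.8", dst_port=53),       # configured resolver
    Event("net", 1020, dst_ip="203.0.113.7", dst_port=53),   # not a configured resolver
    Event("net", 1020, dst_ip="203.0.113.7", dst_port=443),  # not DNS, ignored
    Event("file_delete", 1020, SAMPLE_IMAGE),                # dropped child removes the sample
]
CONFIGURED_DNS = {"8.8.8.8"}  # assumed sandbox resolver


def _norm(path: str) -> str:
    return path.lower()


def executes_dropped_exe(events):
    """Process creations whose image was written earlier in the same trace."""
    written, hits = set(), []
    for ev in events:
        if ev.kind == "file_write":
            written.add(_norm(ev.path))
        elif ev.kind == "proc_create" and _norm(ev.path) in written:
            hits.append(ev.path)
    return hits


def deletes_itself(events):
    """Deletion of the image of any process that ran during the task, by any process."""
    images = {_norm(ev.path) for ev in events if ev.kind == "proc_create"}
    return [ev.path for ev in events
            if ev.kind == "file_delete" and _norm(ev.path) in images]


def drops_desktop_ini(events):
    """File writes whose final path component is desktop.ini."""
    return [ev.path for ev in events
            if ev.kind == "file_write"
            and ev.path.rsplit("\\", 1)[-1].lower() == "desktop.ini"]


def unexpected_dns_destination(events, configured_dns=CONFIGURED_DNS):
    """Distinct port-53 destinations that are not configured resolvers."""
    return sorted({ev.dst_ip for ev in events
                   if ev.kind == "net" and ev.dst_port == 53
                   and ev.dst_ip not in configured_dns})


def run_signatures(events, configured_dns=CONFIGURED_DNS):
    """Evaluate every rule and return the evidence each one matched on."""
    return {
        "Deletes itself": deletes_itself(events),
        "Executes dropped EXE": executes_dropped_exe(events),
        "Unexpected DNS network traffic destination":
            unexpected_dns_destination(events, configured_dns),
        "Drops desktop.ini file(s)": drops_desktop_ini(events),
    }


if __name__ == "__main__":
    for name, evidence in run_signatures(EVENTS).items():
        print(f"[{'x' if evidence else ' '}] {name}: {evidence}")
```

Each rule returns its evidence rather than a bare boolean so the output doubles as an indicator list: the unexpected resolver address, the dropped path, and the deleted image are exactly what goes into a detection or a blocklist after triage.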

MITRE ATT&CK Enterprise v15

Tasks