General

  • Target

    ba65c8a4f16969465a5b11137aca884e_JaffaCakes118

  • Size

    206KB

  • Sample

    240823-fa7hnsyanm

  • MD5

    ba65c8a4f16969465a5b11137aca884e

  • SHA1

    f4064e93eb02d748a9aa5031fb1a0f9602ef1ab4

  • SHA256

    238a3fec331af1e7ef2db4dac68d05e28eaa6236f88d02caf47fb0c7c8392514

  • SHA512

    405a7537f0f03fec94298dfe5ad048b39ed1d943ddb8b2bc689ebc33b9117f0bd453f90b78b2cf5c854e7af1a15dac35d3d577d03b0cc574dd35b80c53b0349d

  • SSDEEP

    3072:r8pIZRtf4rG+g+H45EoTLZ19grIkrtT8YBKBJvgsZaSUc8Y6YqJxabBFZG:r5XQy+miA9grIkZgYBKvvvZME68bBFM

Score
7/10

Malware Config

Targets

    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks