Overview

overview

8

Static

static

3

bf4e18ef5f...18.exe

windows7-x64

8

bf4e18ef5f...18.exe

windows10-2004-x64

8

$TEMP/QcpNCZYdgT.dll

windows7-x64

7

$TEMP/QcpNCZYdgT.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    bf4e18ef5f95a38c532c9afa99624387_JaffaCakes118

  • Size

    107KB

  • Sample

    240824-yq9l3sycln

  • MD5

    bf4e18ef5f95a38c532c9afa99624387

  • SHA1

    2bf27cfd27f75a6ed246e310a1ede97e0c400462

  • SHA256

    4e104aa83c09b34efa7590dc282db4cad2bb26c79c82f6ccd70289fee68fc8e2

  • SHA512

    33f55e91d8cdae4c63cfde11b664f984acec6982fe46a27a853d820f9a31376606fec833853ea5548a2b32cc9187fd738f8695e6a61b98d48ecc7925de600a52

  • SSDEEP

    3072:IgXdZt9P6D3XJbCRcgfD+P9c98GKCJBDQMNXfen+Nz592G:Ie344HKVJGNEMFeGz2G

Score
8/10
discovery

Malware Config

Targets

    • Target

      bf4e18ef5f95a38c532c9afa99624387_JaffaCakes118

    • Size

      107KB

    • MD5

      bf4e18ef5f95a38c532c9afa99624387

    • SHA1

      2bf27cfd27f75a6ed246e310a1ede97e0c400462

    • SHA256

      4e104aa83c09b34efa7590dc282db4cad2bb26c79c82f6ccd70289fee68fc8e2

    • SHA512

      33f55e91d8cdae4c63cfde11b664f984acec6982fe46a27a853d820f9a31376606fec833853ea5548a2b32cc9187fd738f8695e6a61b98d48ecc7925de600a52

    • SSDEEP

      3072:IgXdZt9P6D3XJbCRcgfD+P9c98GKCJBDQMNXfen+Nz592G:Ie344HKVJGNEMFeGz2G

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $TEMP/QcpNCZYdgT.dll

    • Size

      110KB

    • MD5

      b456728b1d8effba1a0a9a9ad1169339

    • SHA1

      46d9e623711ec3a832ab65c827f2f7123ce7fd7b

    • SHA256

      e1377bdfb12173222e5da58d6948b903fe8258a311ec5fc24e1d8647147ca8f4

    • SHA512

      4420b9640fca373886790fccd5a8b6ca598a9e8acb115ea2518a5c6dbbc5ec2480ad633c58477d753b63355c0eda49b13eeec11ddb717af60eaeae58ab09c0c4

    • SSDEEP

      1536:J/2WTZ9DdURJwNR/6eaLDiuxy1SjnT5lziPLLHwOtRrSrHO4V397uw4hAWm7A9C9:0WTXxj6NTySrdqLw4rYjVJtyhmcW

    Score
    7/10
    discovery

    • Deletes itself

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks