General

  • Target

    c0075917689273894c19c475b866208a_JaffaCakes118

  • Size

    68KB

  • Sample

    240825-fzvv6syarq

  • MD5

    c0075917689273894c19c475b866208a

  • SHA1

    25241f3a5821caeeb988bb9215b614d925acd253

  • SHA256

    d50368df7a738abbaa9238dd33cc54ffafcd9b30c00d6fa4c22abd87d0fe44fa

  • SHA512

    0181e8fd03ae9b4f08cc27b602a44499a73dbbd5436a12f6601471b06b99cda125e62aa59fbc527f0d7133cb6fa8e2573c5771a59dbdc4d0918b469ccc85bf86

  • SSDEEP

    1536:r1BvK2hM46fGBCzSfNNI6yx8Hoh3eypmrYbwWou:r1BvK7pmCzSlNILr7mrlu

Score
7/10

Targets

    • Target

      c0075917689273894c19c475b866208a_JaffaCakes118

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
