Overview

overview

10

Static

static

3

d98150232c...18.exe

windows7-x64

10

d98150232c...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d98150232c481934108d6597cb5dda4f_JaffaCakes118

  • Size

    579KB

  • Sample

    240911-dkxp4szajl

  • MD5

    d98150232c481934108d6597cb5dda4f

  • SHA1

    82f217fcbbb70aad87d54f8275f327aedc5e057a

  • SHA256

    15dbe4f58a5931d4ef5ec07acb8123509fdd239727daeecfa4c428714c5a6fbb

  • SHA512

    0a3bdc520e2880e1c57bbaa95230ba1b5a8b4d7a51ce46213490198565ca8332d5ebf9f726b6efd5cda6add8a8ef147bdad347e1b4964a6ce3382656a900434c

  • SSDEEP

    12288:FgbFWT7uknbop/Msfg5LFYe+6zmnppGhPoNCg6lWJirlS+:FgJW2CopUH5xZgKPo/6li0lH

Score
10/10
imminentdiscoveryspywaretrojan

Malware Config

Targets

    • Target

      d98150232c481934108d6597cb5dda4f_JaffaCakes118

    • Size

      579KB

    • MD5

      d98150232c481934108d6597cb5dda4f

    • SHA1

      82f217fcbbb70aad87d54f8275f327aedc5e057a

    • SHA256

      15dbe4f58a5931d4ef5ec07acb8123509fdd239727daeecfa4c428714c5a6fbb

    • SHA512

      0a3bdc520e2880e1c57bbaa95230ba1b5a8b4d7a51ce46213490198565ca8332d5ebf9f726b6efd5cda6add8a8ef147bdad347e1b4964a6ce3382656a900434c

    • SSDEEP

      12288:FgbFWT7uknbop/Msfg5LFYe+6zmnppGhPoNCg6lWJirlS+:FgJW2CopUH5xZgKPo/6li0lH

    Score
    10/10
    imminentdiscoveryspywaretrojan

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

      trojanspywareimminent

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks