General

  • Target

    eaa0419e101fe726fb0aed8ff3d72bfb_JaffaCakes118

  • Size

    68KB

  • Sample

    240919-fks32asakd

  • MD5

    eaa0419e101fe726fb0aed8ff3d72bfb

  • SHA1

    44a1b64c9406468db09577e546eb05d180c769b5

  • SHA256

    c187d93d35918db508b65dc1160d177693c83ca710a9abe0fcf2bbce285deb93

  • SHA512

    fc8f20ea094926d7092e8553fc6bccb2f73e880f2c9a0559ac3c679d618ab720768b8fdcdbc4eb28b1f6b414a57c0678b275cdd643d1ec5e67bdd472c3ff0c61

  • SSDEEP

    1536:r1BvK2hM46fGBCzSfNNI6yx8Hoh3eypmrYbwWo5:r1BvK7pmCzSlNILr7mrl5

Score
7/10

Targets

    • Target

      eaa0419e101fe726fb0aed8ff3d72bfb_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
