General

  • Target

    eeb5a12487d53c0f25d69c0dc4f74058_JaffaCakes118

  • Size

    38KB

  • Sample

    240921-ahq8rswbnd

  • MD5

    eeb5a12487d53c0f25d69c0dc4f74058

  • SHA1

    a7cd19acb5507e01ef44ebadea5536d13c0daf5b

  • SHA256

    5bd321e92d2fc9cb3cc34c9544e5a59956f0337718e08d3874cce08dabe69c2e

  • SHA512

    77e506c4c95ae2bc1966fcf172589616b3c3b50d13fb8f66f146db5a85d5e4fb441860cb70a832a7ef16b9b58d62dff9196453f3d9dd639070df8d11159f2c71

  • SSDEEP

    768:EoGBwgQ9xh7miRJsKue84EZ43eX/rUI/w9bbVAAtFPoIlan81:EoGBwgc7miL85ZGWQIohZAAfm81

Score
7/10

Malware Config

Targets

    • Target

      eeb5a12487d53c0f25d69c0dc4f74058_JaffaCakes118

    • Size

      38KB

    • MD5

      eeb5a12487d53c0f25d69c0dc4f74058

    • SHA1

      a7cd19acb5507e01ef44ebadea5536d13c0daf5b

    • SHA256

      5bd321e92d2fc9cb3cc34c9544e5a59956f0337718e08d3874cce08dabe69c2e

    • SHA512

      77e506c4c95ae2bc1966fcf172589616b3c3b50d13fb8f66f146db5a85d5e4fb441860cb70a832a7ef16b9b58d62dff9196453f3d9dd639070df8d11159f2c71

    • SSDEEP

      768:EoGBwgQ9xh7miRJsKue84EZ43eX/rUI/w9bbVAAtFPoIlan81:EoGBwgc7miL85ZGWQIohZAAfm81

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks