0e0885d580cde4a73db74f696a72bc88811f1ad1ad4666fbcaefc21e9de65d06 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f55ce56a4c02445219fe1e00c6b0df1c_JaffaCakes118
Size

239KB
Sample

240925-gwlc1asdjd
MD5

f55ce56a4c02445219fe1e00c6b0df1c
SHA1

581dc1b1144c9f52ecb374a9ecdf198ea23fe112
SHA256

0e0885d580cde4a73db74f696a72bc88811f1ad1ad4666fbcaefc21e9de65d06
SHA512

c93ad52c260202bbdc7b2b90cb705b5a1b9dc6abe70c2b2d2088c9872b49ad0937f2501d8f121c7a3e2708b3b39dcc9dca6c93791f63b390a366a498c5b4d631
SSDEEP

3072:DbWAs+Vduh2r7n9dOElSJG2pwDcIPMpnEJ+iNwssJOUPR/mH6Fd/NpDKjBW:D6A1Qh2f9d8G2pHtJqcMUpHLKjk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f55ce56a4c02445219fe1e00c6b0df1c_JaffaCakes118
- Size
  
  239KB
- MD5
  
  f55ce56a4c02445219fe1e00c6b0df1c
- SHA1
  
  581dc1b1144c9f52ecb374a9ecdf198ea23fe112
- SHA256
  
  0e0885d580cde4a73db74f696a72bc88811f1ad1ad4666fbcaefc21e9de65d06
- SHA512
  
  c93ad52c260202bbdc7b2b90cb705b5a1b9dc6abe70c2b2d2088c9872b49ad0937f2501d8f121c7a3e2708b3b39dcc9dca6c93791f63b390a366a498c5b4d631
- SSDEEP
  
  3072:DbWAs+Vduh2r7n9dOElSJG2pwDcIPMpnEJ+iNwssJOUPR/mH6Fd/NpDKjBW:D6A1Qh2f9d8G2pHtJqcMUpHLKjk
Score

7^/10

discovery
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2