General

  • Target

    f5f6922e3a9223a94a0e79aabe24c2e2_JaffaCakes118

  • Size

    38KB

  • Sample

    240925-n5wzestfmp

  • MD5

    f5f6922e3a9223a94a0e79aabe24c2e2

  • SHA1

    5296d58dd2b2c53551847ddd0c8b1e9af6115eca

  • SHA256

    918476113fab1403156c8cb5511fc9d96ebe72bfaed76e89c255e0a31c65a419

  • SHA512

    cf6bb90ad831eda64f9fc765d5ef715e4b9fc5e35ce36b25d1816b948262e1b2a62210fdc3f1585121d34121e8590945845513144422b0d7a1277038bfb5a66d

  • SSDEEP

    768:gF75Qu6d+I5m5XzrJCIp3ptMDW5cxsNxUtJqlPV:4aUXQI9wDW5XN6t8d

Score
7/10

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
