General

  • Target

    f6c1d111f7e2c75ef85c13907e2494f6_JaffaCakes118

  • Size

    91KB

  • Sample

    240925-ypnyzsvcqn

  • MD5

    f6c1d111f7e2c75ef85c13907e2494f6

  • SHA1

    623fbe17416b75deee3f755d92d81ccb076c11f5

  • SHA256

    970e9b13c1b89a77feaf2e476ac5f1202710e581048474546eaaf113464903b5

  • SHA512

    d34556a84ef740e4217698a4e699a3b945db72d5d51421b376f9a6d9ffdcf922c85a03d2e265bec1003a00cf76c92b2990c1df694b25a581ec1b39c927f47e00

  • SSDEEP

    1536:ZiDLG7z8p+SZjBHdEhIxBtS5Q5grdU3+kNS9Y/bmF6uIo6nX7mNeomBZzJ1J+B0q:ZifEzyPHdEaaQ5g2Ow2Y/bmF65NCNeon

Score
7/10

Targets

    • Target

      f6c1d111f7e2c75ef85c13907e2494f6_JaffaCakes118

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
