General

  • Target

    fc82597bf3eee7106a86e5622e654de5_JaffaCakes118

  • Size

    34KB

  • Sample

    240928-rz8mta1blm

  • MD5

    fc82597bf3eee7106a86e5622e654de5

  • SHA1

    2b913334f4f6099cfe6a7b5abcb24a551a556982

  • SHA256

    154e56aa378ba8687060546ac16d691b434a920a4034d9f5236fc1d0477478a5

  • SHA512

    bc0393a1847446486a40230a7d5c62859dd759a47631667b82a3717c2d37bd5458fb113ca7f7dc889f2ca74f85c65c2dcc7be986ad90c70a28c42252215397b1

  • SSDEEP

    768:7lIGpJ3bZy1SAP6Cb2ye/w4UbDN3jKgUjIjQ0+GtmZuAZonJMz:5xJLY1SAyQ2yGwRzhIGtvJw

Score
7/10

Targets

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
