General

  • Target

    181d998423c13550ae9184b5d6f43b95_JaffaCakes118

  • Size

    68KB

  • Sample

    241006-pvrsdsydrf

  • MD5

    181d998423c13550ae9184b5d6f43b95

  • SHA1

    3a8eb5389118270e16cc8ac5eb376d84118e2b9f

  • SHA256

    7700de40211d802ca49c2c457d30c4e34a80c3ee5b090081126fd32a4fa4c652

  • SHA512

    252c7e9b7d8e8b77d118b2deb2b1b8bd9373e4302f53001c3712da030e697905dc81a13ae0594b7f319c862d64c1295917f2f8aa3c92a445a65220d94d5d5b5f

  • SSDEEP

    1536:r1BvK2hM46fGBCzSfNNI6yx8Hoh3eypmrYbwWoM:r1BvK7pmCzSlNILr7mrlM

Score
7/10

Malware Config

Targets

    • Target

      181d998423c13550ae9184b5d6f43b95_JaffaCakes118

    • Size

      68KB

    • MD5

      181d998423c13550ae9184b5d6f43b95

    • SHA1

      3a8eb5389118270e16cc8ac5eb376d84118e2b9f

    • SHA256

      7700de40211d802ca49c2c457d30c4e34a80c3ee5b090081126fd32a4fa4c652

    • SHA512

      252c7e9b7d8e8b77d118b2deb2b1b8bd9373e4302f53001c3712da030e697905dc81a13ae0594b7f319c862d64c1295917f2f8aa3c92a445a65220d94d5d5b5f

    • SSDEEP

      1536:r1BvK2hM46fGBCzSfNNI6yx8Hoh3eypmrYbwWoM:r1BvK7pmCzSlNILr7mrlM

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) to servers other than the sandbox's configured DNS servers was detected.

    • Suspicious use of SetThreadContext
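
The four signatures above are behavioural rules evaluated over the sandbox's API and network trace rather than static properties of the file. As an added illustration, and not Triage's own signature engine or any code from the sample, the Python below implements the same four checks over a constructed trace: a file written by the sample and later executed or loaded counts as "dropped", port-53 traffic to anything but the configured resolver is unexpected DNS, and SetThreadContext aimed at another process's thread (strongest when that process was created suspended and written to first, the classic process-hollowing sequence) is flagged as suspicious. The event format, paths, pids, IP addresses and the configured-resolver address are all assumptions.

```python
"""Added example: a toy behavioural-signature matcher for the four signatures
this report lists. It is not Triage's own engine; the event format, the
constructed trace below and the matching heuristics are all assumptions."""
from typing import Dict, List, Set, Tuple

CREATE_SUSPENDED = 0x4  # CreateProcess dwCreationFlags bit (Win32 constant)

# Constructed sandbox trace: (pid, api, args). Paths, pids and IPs are made up.
TRACE = [
    (1000, "CreateFileW", {"path": r"C:\Users\Public\helper.exe", "access": "write"}),
    (1000, "CreateFileW", {"path": r"C:\Users\Public\stage2.dll", "access": "write"}),
    (1000, "CreateProcessW", {"image": r"C:\Users\Public\helper.exe", "child_pid": 1100,
                              "flags": CREATE_SUSPENDED}),
    (1000, "WriteProcessMemory", {"target_pid": 1100}),
    (1000, "SetThreadContext", {"target_pid": 1100}),
    (1000, "ResumeThread", {"target_pid": 1100}),
    (1100, "LoadLibraryW", {"path": r"c:\users\public\STAGE2.DLL"}),  # case differs on purpose
    (1100, "udp_send", {"dst": "10.0.0.2", "dport": 53}),        # the sandbox's resolver
    (1100, "udp_send", {"dst": "8.8.8.8", "dport": 53}),         # hard-coded public resolver
    (1100, "tcp_connect", {"dst": "203.0.113.7", "dport": 53}),  # DNS port, non-resolver host
    (1100, "tcp_connect", {"dst": "203.0.113.7", "dport": 443}), # not the DNS port: ignored
]
CONFIGURED_DNS = {"10.0.0.2"}  # assumption: the resolver the sandbox hands out


def norm(path: str) -> str:
    # Windows paths are case-insensitive; normalise so a drop and a later load match.
    return path.lower()


def dropped_files(trace) -> Set[str]:
    """Paths the sample wrote; executing or loading one of these later is 'dropped'."""
    return {norm(a["path"]) for _, api, a in trace
            if api == "CreateFileW" and a.get("access") == "write"}


def executes_dropped_exe(trace) -> List[str]:
    dropped = dropped_files(trace)
    return [a["image"] for _, api, a in trace
            if api == "CreateProcessW" and norm(a["image"]) in dropped]


def loads_dropped_dll(trace) -> List[str]:
    dropped = dropped_files(trace)
    return [a["path"] for _, api, a in trace
            if api == "LoadLibraryW" and norm(a["path"]) in dropped]


def unexpected_dns_destinations(trace, configured: Set[str]) -> List[str]:
    """Hosts contacted on port 53 (UDP or TCP) that are not configured resolvers."""
    return sorted({a["dst"] for _, api, a in trace
                   if api in ("udp_send", "tcp_connect")
                   and a["dport"] == 53 and a["dst"] not in configured})


def suspicious_setthreadcontext(trace) -> List[Tuple[int, str]]:
    """SetThreadContext aimed at another process. The strongest form is the
    process-hollowing order: create child suspended, write into it, then redirect
    its thread; one pass over the trace keeps that order-sensitive state."""
    suspended, written, hits = set(), set(), []
    for pid, api, a in trace:
        if api == "CreateProcessW" and a["flags"] & CREATE_SUSPENDED:
            suspended.add(a["child_pid"])
        elif api == "WriteProcessMemory":
            written.add(a["target_pid"])
        elif api == "SetThreadContext" and a["target_pid"] != pid:
            tgt = a["target_pid"]
            reason = ("suspended child written to before SetThreadContext"
                      if tgt in suspended and tgt in written else "remote thread")
            hits.append((tgt, reason))
    return hits


def match_signatures(trace, configured_dns: Set[str]) -> Dict[str, list]:
    """Signature name -> evidence, omitting signatures that did not fire."""
    results = {
        "Executes dropped EXE": executes_dropped_exe(trace),
        "Loads dropped DLL": loads_dropped_dll(trace),
        "Unexpected DNS network traffic destination":
            unexpected_dns_destinations(trace, configured_dns),
        "Suspicious use of SetThreadContext": suspicious_setthreadcontext(trace),
    }
    return {name: ev for name, ev in results.items() if ev}


if __name__ == "__main__":
    for name, evidence in match_signatures(TRACE, CONFIGURED_DNS).items():
        print(f"{name}: {evidence}")
```

Run stand-alone, the script reports all four signatures with their evidence for the constructed trace. The 443 connection and the lookup to the configured resolver are deliberately present to show what the DNS rule ignores; a real engine would also have to account for DNS-over-TLS (853) and DoH, which this port-53 rule does not see.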

MITRE ATT&CK Enterprise v15

Tasks