General

  • Target

    b8f99dd08bc516d9b28bb053c534c4e7_JaffaCakes118

  • Size

    126KB

  • Sample

    241202-s9an7swmgn

  • MD5

    b8f99dd08bc516d9b28bb053c534c4e7

  • SHA1

    b3d39cd1a3a2b3c21529cd429411741653ba9824

  • SHA256

    97851bc4e6c53a92267c46c2b1db5d59156d7fe05a5d26bd035af07f6f4783c3

  • SHA512

    968dfcecf9685a1988402cd2dc7f5d08749e521a8931ae45e45b3a45eb771ed57e188d43ca2ad9ec6da4dccb8e6347c665115b820dbbb8f0f368f975c459cd05

  • SSDEEP

    3072:rRNTX5SGuscGGCUyJebwghLMCOj4FT0dX5SsO36:XoGDRUyJEwgyv9bOq

Malware Config

Targets

    • Target

      dhl_paket_938289597482171__ID__080993679416854LZK___KW_H__F05_06_2015___HHL07_17_15.exe

    • Size

      188KB

    • MD5

      c3dd665a7938d4483a9f5bdae69183bf

    • SHA1

      5d968a8db0c800328fd372e02c4fe00a568ccba4

    • SHA256

      572561ac419cac3aab3c14e2a9c97452d74f2d068e377622a6af2c7ce83a1650

    • SHA512

      21a2ca0037f18d73f7290579cce5ebf0f58e4c5f3f6d300e5f2905749523bb14a752cb9ec8755c7287eeee0b1cd3b75d75069a1ef979168e52e08c6625e8e77a

    • SSDEEP

      3072:Ipe/rgTsjXUmVAi60q6z+7FtcGGCUyJebaghLMCOj4FT0weiwWhw1gb:2eMcfo0q8+ZtRUyJEagyv9weiwWhw10

    • Detect Emotet payload

    • Emotet

      Emotet is a trojan that is primarily spread through spam emails.

    • Emotet family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks