Overview

overview

8

Static

static

3

e7d32dbff7...18.exe

windows7-x64

8

e7d32dbff7...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e7d32dbff7233c5c71748746f3406ba2_JaffaCakes118

  • Size

    28KB

  • Sample

    240408-s88jvadb57

  • MD5

    e7d32dbff7233c5c71748746f3406ba2

  • SHA1

    edaca745b398e8c26237b5627508f114e60dd580

  • SHA256

    09fc3f2b861160efb76043f3e16b09650afded6dbe56bc4dc1cb299284bf2a9f

  • SHA512

    decc24fdc83ca0da35f4991136dd47802229163d4b861308b3ef5d4a5b831a76dc1556696095202a7691b2a2f2ffd40d4be7679b3dbd1e95241be3f994086b7c

  • SSDEEP

    384:SDvs1AxlVnvnm6/6evXRMBZ8q6OQgvrOvYl9XVzBPCLB0rLH4CQxUwfSnKf3X1u8:yXAZ8krnISf1otckIiLW1/PEFGUwxTA

Score
8/10
persistence

Malware Config

Targets

    • Target

      e7d32dbff7233c5c71748746f3406ba2_JaffaCakes118

    • Size

      28KB

    • MD5

      e7d32dbff7233c5c71748746f3406ba2

    • SHA1

      edaca745b398e8c26237b5627508f114e60dd580

    • SHA256

      09fc3f2b861160efb76043f3e16b09650afded6dbe56bc4dc1cb299284bf2a9f

    • SHA512

      decc24fdc83ca0da35f4991136dd47802229163d4b861308b3ef5d4a5b831a76dc1556696095202a7691b2a2f2ffd40d4be7679b3dbd1e95241be3f994086b7c

    • SSDEEP

      384:SDvs1AxlVnvnm6/6evXRMBZ8q6OQgvrOvYl9XVzBPCLB0rLH4CQxUwfSnKf3X1u8:yXAZ8krnISf1otckIiLW1/PEFGUwxTA

    Score
    8/10
    persistence

    • Adds policy Run key to start application

      persistence

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks