Overview

overview

10

Static

static

3

e98706260c...18.exe

windows7-x64

10

e98706260c...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    e98706260c9febce2ed735b3b265fe2e_JaffaCakes118

  • Size

    458KB

  • Sample

    240409-jy1a2sac28

  • MD5

    e98706260c9febce2ed735b3b265fe2e

  • SHA1

    c658dd99f26cee27eb6e1700921a9a84dc08b60b

  • SHA256

    3805c40ee4b3780863390493793b7b38c87504af28bc618638b5531e5daaf157

  • SHA512

    717cf5db4a6700313d9471fae603d586daeae84612dcee9535a6d8da35add2922d029851597736b7cf5414f8483da9b3e9f9c40836a70ce1aa27d5b01d12e7e2

  • SSDEEP

    6144:UZfec9EbXDk6Rk4KWnmy+g4c/UOPSe570Szp3CrG1VVE+IA:UZWtI6RkkcOB0Vut

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      e98706260c9febce2ed735b3b265fe2e_JaffaCakes118

    • Size

      458KB

    • MD5

      e98706260c9febce2ed735b3b265fe2e

    • SHA1

      c658dd99f26cee27eb6e1700921a9a84dc08b60b

    • SHA256

      3805c40ee4b3780863390493793b7b38c87504af28bc618638b5531e5daaf157

    • SHA512

      717cf5db4a6700313d9471fae603d586daeae84612dcee9535a6d8da35add2922d029851597736b7cf5414f8483da9b3e9f9c40836a70ce1aa27d5b01d12e7e2

    • SSDEEP

      6144:UZfec9EbXDk6Rk4KWnmy+g4c/UOPSe570Szp3CrG1VVE+IA:UZWtI6RkkcOB0Vut

    Score
    10/10
    evasionpersistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks