Overview

overview

7

Static

static

3

ea6a2d13e2...18.exe

windows7-x64

7

ea6a2d13e2...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea6a2d13e202dbfce0984da3f2a6a348_JaffaCakes118

  • Size

    200KB

  • Sample

    240409-txfv5aff3s

  • MD5

    ea6a2d13e202dbfce0984da3f2a6a348

  • SHA1

    114d2e2998edb850ebd1958eb46e16c0ea010584

  • SHA256

    2efb2766b48aebb6dc93ef9e89ced601052fd8ecf40187f1d967bdc7867f4e91

  • SHA512

    c5da4c1b39e5a888d0370cfcecc22c733f1ec2e2c4eb9e87a3cb10f006019ca3771c3ec846d2d8bbfdbfedb5fbc14aa997cc6c7837cc708251aec86457f11102

  • SSDEEP

    6144:ULxNJtKwe1T2j8LCKGs+RGWR2Pa/HaMvYlx:kxNnKLNYNHaMvw

Score
7/10
persistence

Malware Config

Targets

    • Target

      ea6a2d13e202dbfce0984da3f2a6a348_JaffaCakes118

    • Size

      200KB

    • MD5

      ea6a2d13e202dbfce0984da3f2a6a348

    • SHA1

      114d2e2998edb850ebd1958eb46e16c0ea010584

    • SHA256

      2efb2766b48aebb6dc93ef9e89ced601052fd8ecf40187f1d967bdc7867f4e91

    • SHA512

      c5da4c1b39e5a888d0370cfcecc22c733f1ec2e2c4eb9e87a3cb10f006019ca3771c3ec846d2d8bbfdbfedb5fbc14aa997cc6c7837cc708251aec86457f11102

    • SSDEEP

      6144:ULxNJtKwe1T2j8LCKGs+RGWR2Pa/HaMvYlx:kxNnKLNYNHaMvw

    Score
    7/10
    persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks