Overview

overview

10

Static

static

3

f533dc8ad8...18.exe

windows7-x64

10

f533dc8ad8...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f533dc8ad8ad4f1fd441c217e0e2eb94_JaffaCakes118

  • Size

    31KB

  • Sample

    240417-hd2spsga64

  • MD5

    f533dc8ad8ad4f1fd441c217e0e2eb94

  • SHA1

    484d304e3babc546a2a01014746bdedad9438307

  • SHA256

    1ddd0239b9de4a28e2dccf2c3f3d6ee7e9d9f7569d2d2873eca55f74b8dfb0ac

  • SHA512

    283f6c3abb928a595e93a04722480d1df55e94474ed8ddea2c348cfffe68624430b83d4787dffecd37db10bce1cdf46a8a1cb8912db53d49f8b75d3d83d46c9d

  • SSDEEP

    768:421zJp4kJzsQEv/OgRzTC/IRI9inA+L3nbcuyD7UDNWGF:42iEQQEv/OGzUYnTTnouy8p3

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      f533dc8ad8ad4f1fd441c217e0e2eb94_JaffaCakes118

    • Size

      31KB

    • MD5

      f533dc8ad8ad4f1fd441c217e0e2eb94

    • SHA1

      484d304e3babc546a2a01014746bdedad9438307

    • SHA256

      1ddd0239b9de4a28e2dccf2c3f3d6ee7e9d9f7569d2d2873eca55f74b8dfb0ac

    • SHA512

      283f6c3abb928a595e93a04722480d1df55e94474ed8ddea2c348cfffe68624430b83d4787dffecd37db10bce1cdf46a8a1cb8912db53d49f8b75d3d83d46c9d

    • SSDEEP

      768:421zJp4kJzsQEv/OgRzTC/IRI9inA+L3nbcuyD7UDNWGF:42iEQQEv/OGzUYnTTnouy8p3

    Score
    10/10
    evasionpersistencetrojan

    • UAC bypass

      evasiontrojan

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks