Overview

overview

10

Static

static

3

feb0bf5b0d...18.dll

windows7-x64

10

feb0bf5b0d...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    feb0bf5b0d7f6820c330fa45091cd189_JaffaCakes118

  • Size

    2.2MB

  • Sample

    240421-hkn57adf24

  • MD5

    feb0bf5b0d7f6820c330fa45091cd189

  • SHA1

    a1f50429415bc7cbf1706c22dfdca734173fb9ac

  • SHA256

    474fe0f75ec639814eac17468c8ce29908ed30f3665457d864cffa6540047ea0

  • SHA512

    07f208c66899c0f298037dd8aab4d772e2ef6321a36519112e5d677170a58ee19d69e8a397ae0cb485cc1f2c71d82b55c004d96cf40c459fbda3b405602670f8

  • SSDEEP

    24576:52WdDKT6lr1CDu2ruh59hmxxJNOjOAUBJjlD4qH5vlalua2UotfG6o:53DlBEidgxJN5AejlD4uvlab2UotfG

Score
10/10
persistence

Malware Config

Targets

    • Target

      feb0bf5b0d7f6820c330fa45091cd189_JaffaCakes118

    • Size

      2.2MB

    • MD5

      feb0bf5b0d7f6820c330fa45091cd189

    • SHA1

      a1f50429415bc7cbf1706c22dfdca734173fb9ac

    • SHA256

      474fe0f75ec639814eac17468c8ce29908ed30f3665457d864cffa6540047ea0

    • SHA512

      07f208c66899c0f298037dd8aab4d772e2ef6321a36519112e5d677170a58ee19d69e8a397ae0cb485cc1f2c71d82b55c004d96cf40c459fbda3b405602670f8

    • SSDEEP

      24576:52WdDKT6lr1CDu2ruh59hmxxJNOjOAUBJjlD4qH5vlalua2UotfG6o:53DlBEidgxJN5AejlD4uvlab2UotfG

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks