Overview

overview

10

Static

static

10

02ac8b53bb...18.exe

windows7-x64

10

02ac8b53bb...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    02ac8b53bbd50f1e8897fa22971b6041_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240427-hq6bnadd64

  • MD5

    02ac8b53bbd50f1e8897fa22971b6041

  • SHA1

    86dcac9e69c8a23b294c2bc951666f7c4dbb5f61

  • SHA256

    934979c470575846352e330d8d60bd4e4dc82fb12838b5c440818d20c1b42960

  • SHA512

    db9c6853cb5d048a2ca2455d6b3c6c015dd3f4d9bb5b817a6d3bd488fa686f51c37e51a4b6ca455460e7eb49b70c1e31bc1d224619b90ec16e7716571080ff6e

  • SSDEEP

    24576:hxY3NtGUmJr+4Obxd+tPZSZGiE6EhE9xY3NtGUmJr+4Obxd+tPZSZ/iE6EhE7:LY3buzMV0IY3buzMo0E

Score
10/10
fakeavfakeavpersistencespyware

Malware Config

Targets

    • Target

      02ac8b53bbd50f1e8897fa22971b6041_JaffaCakes118

    • Size

      1.6MB

    • MD5

      02ac8b53bbd50f1e8897fa22971b6041

    • SHA1

      86dcac9e69c8a23b294c2bc951666f7c4dbb5f61

    • SHA256

      934979c470575846352e330d8d60bd4e4dc82fb12838b5c440818d20c1b42960

    • SHA512

      db9c6853cb5d048a2ca2455d6b3c6c015dd3f4d9bb5b817a6d3bd488fa686f51c37e51a4b6ca455460e7eb49b70c1e31bc1d224619b90ec16e7716571080ff6e

    • SSDEEP

      24576:hxY3NtGUmJr+4Obxd+tPZSZGiE6EhE9xY3NtGUmJr+4Obxd+tPZSZ/iE6EhE7:LY3buzMV0IY3buzMo0E

    Score
    10/10
    fakeavfakeavpersistencespyware

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

      fakeavspywarefakeav

    • FakeAV payload

      fakeavspyware

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks