Overview

overview

7

Static

static

3

03115ddbed...18.exe

windows7-x64

7

03115ddbed...18.exe

windows10-2004-x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03115ddbed4500f571c7e1053c1b971c_JaffaCakes118

  • Size

    3.6MB

  • Sample

    240427-mrbkwshd8z

  • MD5

    03115ddbed4500f571c7e1053c1b971c

  • SHA1

    6e45d592887838bd6e841c6262bc3327e46afaba

  • SHA256

    c659860cb5a943d47df9030580c36acfe89a47d55c7228b5892c6683f994277a

  • SHA512

    9bdf94d6bd9655b3a629176c362033539319539f21ab3ce440c19f481ee2fde9a264dc6c7e80aebfe29235a6d1f4a983452b2423cff258443a2414975da0accc

  • SSDEEP

    49152:iQSW6doFejw2qj4magWf2aUk35xr49wM3rKUPzT:iQS44Dqkmoe435xrabK0T

Score
7/10
persistence

Malware Config

Targets

    • Target

      03115ddbed4500f571c7e1053c1b971c_JaffaCakes118

    • Size

      3.6MB

    • MD5

      03115ddbed4500f571c7e1053c1b971c

    • SHA1

      6e45d592887838bd6e841c6262bc3327e46afaba

    • SHA256

      c659860cb5a943d47df9030580c36acfe89a47d55c7228b5892c6683f994277a

    • SHA512

      9bdf94d6bd9655b3a629176c362033539319539f21ab3ce440c19f481ee2fde9a264dc6c7e80aebfe29235a6d1f4a983452b2423cff258443a2414975da0accc

    • SSDEEP

      49152:iQSW6doFejw2qj4magWf2aUk35xr49wM3rKUPzT:iQS44Dqkmoe435xrabK0T

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks