Overview

overview

7

Static

static

3

0b0f13ee90...18.exe

windows7-x64

7

0b0f13ee90...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b0f13ee90f164862c79195be5aea92b_JaffaCakes118

  • Size

    159KB

  • Sample

    240501-e3z4mahh98

  • MD5

    0b0f13ee90f164862c79195be5aea92b

  • SHA1

    670232571a1ef2521e649819262bc5ac531f5ea6

  • SHA256

    6cab3dca7b74e6f38f224ba1f35b1bcff8ef4f54c14a3b10eb2fb67b86bc43b8

  • SHA512

    ac0e4fc0e7a6285d729601b7e06acdd306b4180cec30f1c5547d50f2b94e8c8b5ff02edf23faf0242dc98f11fb3d503b70a465a387af7e92032ace2f4e080a81

  • SSDEEP

    3072:ra1KZN8FVAenR7uHUeCBNxgJ9zSQRef+f:ra1G8FVA6aHUB87WQRew

Score
7/10
persistence

Malware Config

Targets

    • Target

      0b0f13ee90f164862c79195be5aea92b_JaffaCakes118

    • Size

      159KB

    • MD5

      0b0f13ee90f164862c79195be5aea92b

    • SHA1

      670232571a1ef2521e649819262bc5ac531f5ea6

    • SHA256

      6cab3dca7b74e6f38f224ba1f35b1bcff8ef4f54c14a3b10eb2fb67b86bc43b8

    • SHA512

      ac0e4fc0e7a6285d729601b7e06acdd306b4180cec30f1c5547d50f2b94e8c8b5ff02edf23faf0242dc98f11fb3d503b70a465a387af7e92032ace2f4e080a81

    • SSDEEP

      3072:ra1KZN8FVAenR7uHUeCBNxgJ9zSQRef+f:ra1G8FVA6aHUB87WQRew

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks