Overview

overview

8

Static

static

3

4b8d0958df...18.exe

windows7-x64

8

4b8d0958df...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    4b8d0958dfa0148186a6cd4cf1d07e28_JaffaCakes118

  • Size

    2.5MB

  • Sample

    240516-rtr3wahc92

  • MD5

    4b8d0958dfa0148186a6cd4cf1d07e28

  • SHA1

    bbae983c2d1043070dacbb36eccc4f5baf1fca1f

  • SHA256

    151cd8baf5f35af4728d56699c394242c47895f6ccbe5e27da173e127cb30fc1

  • SHA512

    50473159ddeb799b6fd37540b7d9b836d03c68932666f0e716b8dc35821066a43650306bc47a434db06dd687fa8c583a06b11d88ed8e8ae4bdc133a95cab5ce8

  • SSDEEP

    49152:S/s1bL1KDlxhFMlUMQ6F4O1g30OzwkCgxXFbi65FFy45R4h7XHIGfKETcn7e5bc9:QeYRxbMlUM3Xg3GSx1biqy4G73KKcShm

Score
8/10
discovery

Malware Config

Targets

    • Target

      4b8d0958dfa0148186a6cd4cf1d07e28_JaffaCakes118

    • Size

      2.5MB

    • MD5

      4b8d0958dfa0148186a6cd4cf1d07e28

    • SHA1

      bbae983c2d1043070dacbb36eccc4f5baf1fca1f

    • SHA256

      151cd8baf5f35af4728d56699c394242c47895f6ccbe5e27da173e127cb30fc1

    • SHA512

      50473159ddeb799b6fd37540b7d9b836d03c68932666f0e716b8dc35821066a43650306bc47a434db06dd687fa8c583a06b11d88ed8e8ae4bdc133a95cab5ce8

    • SSDEEP

      49152:S/s1bL1KDlxhFMlUMQ6F4O1g30OzwkCgxXFbi65FFy45R4h7XHIGfKETcn7e5bc9:QeYRxbMlUM3Xg3GSx1biqy4G73KKcShm

    Score
    8/10
    discovery

    • Drops file in Drivers directory

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks