General
-
Target
6900336a2651f53be4491fe7ced64ddf_JaffaCakes118
-
Size
347KB
-
Sample
240522-3gpyjadb61
-
MD5
6900336a2651f53be4491fe7ced64ddf
-
SHA1
33aec628f027c9b2dfa31c3326a4dd515a4df4c5
-
SHA256
ae02d2cec500812aaf0109c35f1421765ea0eebfbb8de26b9c7c2933dd97dd77
-
SHA512
009370b9cc283ccc61036d7aea5af8f4558d98d9298d19148ee1756eb06f1e02ec3cb15f73568fc7c9b718fcd3eca5d872d20ef3ca5b2d91036d3fe383d863e3
-
SSDEEP
6144:nP6L2thmaSP1zTynubVXaawkTEnOuIXUWoN6XkUyE9f+E6JTXnS778vYiBzCHCiG:nRhK1zmnubVXaa0ObXUhE9f+fJrS7wvD
Static task
static1
Behavioral task
behavioral1
Sample
PermEdit.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
PermEdit.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
WPE by elektro255.exe
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
WPE by elektro255.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
elektr.dll
Resource
win7-20240220-en
Behavioral task
behavioral6
Sample
elektr.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
wpe.exe
Resource
win7-20231129-en
Behavioral task
behavioral8
Sample
wpe.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
PermEdit.exe
-
Size
12KB
-
MD5
0b2ac08bce1db29e9d046d948a317861
-
SHA1
babd60d3eb5e423df7eec8be35df3f9eb530164d
-
SHA256
48cbe579e97d75624ee3823150d854fb652b2c73e37da1f47d8409013edf96c9
-
SHA512
ad5cbde248a3d8590ae3294a470f8b20d465c0cfa8aa71d3c2163afb0708be924c81dfa19ce63175450e6ac9c0da50fd1a8c1e5190f0fbab05d04ae7d2f90940
-
SSDEEP
192:mePOHSggX2oQj1P+4JIMGeSM5cMTD3C2lgMU41VtOHc6h6cjEd/kVPq/:mY7gK9Qva1eb5cSbCygMU4ehdjEKRg
Score
1/10
-
-
-
Target
WPE by elektro255.exe
-
Size
308KB
-
MD5
94133f8293be29c1e68eac581e642f15
-
SHA1
cbdad254269f42f1edc06e5e2e8dbb890e890702
-
SHA256
5ae661e5ad7b131276d39cead78a2c6cf4490a68a0470a6128a3e9b46d94d0a2
-
SHA512
4e5b8281c676a84666f376486b36706f9a4e3a898a98d53d48f8ca79d38e2f33eba1d9c5e9cc7b1993b035274ec9377e0d90f0dc7b217cacedd73cdb487e42ce
-
SSDEEP
6144:3GZjdR/94YzvpRXqxEMpmKwx8vDVdMrdNLDWDyxCAr2OWZ:4j/uYzfX+VirCDyx2Om
Score
1/10
-
-
-
Target
elektr.dll
-
Size
51KB
-
MD5
554621e5362c75097c1d69affb284c1c
-
SHA1
3b3cdd43e0ca41b70fb9224e753f2e08a61462aa
-
SHA256
6a7be9946824a2a0e01e1a5541ad78480c7c4173669c69659c3d87f21809e1a8
-
SHA512
074d331aa00298a68e2c436e77000d99ca5026033da33bf5bb0cd713eca25b82e19fa26dc8c022917a926210f7e09e8c3c713c5681863dfe584b42d94e65d504
-
SSDEEP
768:NCDsRInSTu6xpi9Hk+o4xTTWVWWwBHt3HOgiHFEkOlZCYLtfoyk2B:N+STVOkz4xTTWKteB2kOl7loT2B
Score
1/10
-
-
-
Target
wpe.exe
-
Size
56KB
-
MD5
77ed29c8348379d43ecb9e841d64f6b6
-
SHA1
14f53a4d5f4a3cc8cd8f2040e28401aa4b9e8c1e
-
SHA256
fb62a5da456ee9a0f90fe48c3fa57c09d7d4f30bc7cdebee45f6dda02ccf34e6
-
SHA512
2db27ee4ff7afda5670adf58f7465a5c4f9ee63cefacad5c973660866b6cda62a67f69587ab0497f1ab017548225fff827d90187b031d5b8681557fc61b5a962
-
SSDEEP
768:J4JPHOF3W8nMIbk6KQVEs8rA7FYM9M6Ap9riiJ:J4Jf83W8W60IL26Ap8iJ
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-