Overview

overview

10

Static

static

3

68a6e5a96e...18.exe

windows7-x64

10

68a6e5a96e...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    68a6e5a96e8cdbddb414b956120e5427_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240522-z1s8hsgh67

  • MD5

    68a6e5a96e8cdbddb414b956120e5427

  • SHA1

    fcca0f9109c322bdbedede92b9504f8438fe8b8b

  • SHA256

    fdc232f93b6678a9f06622d6a24823f4c6bb8d29c1409aff2ffc8833078d4e48

  • SHA512

    59d488c62d7537b1d743cc4e4968ae7fd64942b9ef2479745c7aac05122332f2f9c0b7cd77afebd89c5ee02b9229aff6fccd0b044fdd553aab2d12c9f3c90d7e

  • SSDEEP

    12288:UZWtI6RkROKKu9OXOKKu9OXOKKu9OXOKKuyiYF+dnKP2:Uuha/iVdKO

Score
10/10
evasionexecutionpersistence

Malware Config

Targets

    • Target

      68a6e5a96e8cdbddb414b956120e5427_JaffaCakes118

    • Size

      1.3MB

    • MD5

      68a6e5a96e8cdbddb414b956120e5427

    • SHA1

      fcca0f9109c322bdbedede92b9504f8438fe8b8b

    • SHA256

      fdc232f93b6678a9f06622d6a24823f4c6bb8d29c1409aff2ffc8833078d4e48

    • SHA512

      59d488c62d7537b1d743cc4e4968ae7fd64942b9ef2479745c7aac05122332f2f9c0b7cd77afebd89c5ee02b9229aff6fccd0b044fdd553aab2d12c9f3c90d7e

    • SSDEEP

      12288:UZWtI6RkROKKu9OXOKKu9OXOKKu9OXOKKuyiYF+dnKP2:Uuha/iVdKO

    Score
    10/10
    evasionexecutionpersistence

    • Disables service(s)

      evasionexecution

    • Modifies visibility of file extensions in Explorer

      evasion

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks