Overview

overview

9

Static

static

1

6d3aef5373...18.exe

windows7-x64

9

6d3aef5373...18.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6d3aef5373992feb94caffa64d73d42c_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240524-d8qlpsbg57

  • MD5

    6d3aef5373992feb94caffa64d73d42c

  • SHA1

    d4dd6f6983bce65dafd4103bd98a79e9476a69ae

  • SHA256

    10c7c31e907dfd0d650bc4003d06b68d22af738c100e3afc1641100f00db9fc3

  • SHA512

    0b74b53f2a6780c89cf3e2ffab7126f34b0825c1bde1f74e8f05b053575d3b85eb8bc443cf59dfda154f97197e122fa84f64f07cc25c2d099d9961b2ed107ca8

  • SSDEEP

    49152:a9Oo27eT1iiajVcaIVaT9Dkd9sldwUyuuuVnm2bqjjJp4j+hsvKu/seHKFBRGpf8:UR2E1ZXI9Id9awGqjjJpMMztK8

Score
9/10
discoveryevasionexecution

Malware Config

Targets

    • Target

      6d3aef5373992feb94caffa64d73d42c_JaffaCakes118

    • Size

      3.0MB

    • MD5

      6d3aef5373992feb94caffa64d73d42c

    • SHA1

      d4dd6f6983bce65dafd4103bd98a79e9476a69ae

    • SHA256

      10c7c31e907dfd0d650bc4003d06b68d22af738c100e3afc1641100f00db9fc3

    • SHA512

      0b74b53f2a6780c89cf3e2ffab7126f34b0825c1bde1f74e8f05b053575d3b85eb8bc443cf59dfda154f97197e122fa84f64f07cc25c2d099d9961b2ed107ca8

    • SSDEEP

      49152:a9Oo27eT1iiajVcaIVaT9Dkd9sldwUyuuuVnm2bqjjJp4j+hsvKu/seHKFBRGpf8:UR2E1ZXI9Id9awGqjjJpMMztK8

    Score
    9/10
    discoveryevasionexecution

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks