Overview

overview

10

Static

static

3

05c792f7ca...18.exe

windows7-x64

10

05c792f7ca...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05c792f7ca289a5e53d390b9f32ffcfd_JaffaCakes118

  • Size

    414KB

  • Sample

    240620-n46r8swdlh

  • MD5

    05c792f7ca289a5e53d390b9f32ffcfd

  • SHA1

    6b97cc98029771ff5a7765360bf12561201b432e

  • SHA256

    b4eea543d3c7a0d19f62b2f0dec0cb544f8d65cd3c8447298632110abbbcdabb

  • SHA512

    6955f493830ba2591d3a961830e4ebb32d0e269cbe624f0e6e8a6288db049f072729e62f82c48d680eae83d33f1b888f6c5cb44ed39a15e25602343dc7b35dad

  • SSDEEP

    12288:cEU3npqLuOCtLpq7vnGjp2Vofyr3t/Fwh0uZatfGRxSI:cEU3pqLXEUQ2VofyxFwh0N

Score
10/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      05c792f7ca289a5e53d390b9f32ffcfd_JaffaCakes118

    • Size

      414KB

    • MD5

      05c792f7ca289a5e53d390b9f32ffcfd

    • SHA1

      6b97cc98029771ff5a7765360bf12561201b432e

    • SHA256

      b4eea543d3c7a0d19f62b2f0dec0cb544f8d65cd3c8447298632110abbbcdabb

    • SHA512

      6955f493830ba2591d3a961830e4ebb32d0e269cbe624f0e6e8a6288db049f072729e62f82c48d680eae83d33f1b888f6c5cb44ed39a15e25602343dc7b35dad

    • SSDEEP

      12288:cEU3npqLuOCtLpq7vnGjp2Vofyr3t/Fwh0uZatfGRxSI:cEU3pqLXEUQ2VofyxFwh0N

    Score
    10/10
    persistenceupxevasion

    • Modifies WinLogon for persistence

      persistence

    • Modifies security service

      evasion

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks