Overview

overview

7

Static

static

3

07e625e782...18.exe

windows7-x64

7

07e625e782...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    07e625e7822aea2617c43791442dec86_JaffaCakes118

  • Size

    148KB

  • Sample

    240620-vasrvaxepb

  • MD5

    07e625e7822aea2617c43791442dec86

  • SHA1

    e8bef818f8d7ecf0bd384c12a9004caae17fb19c

  • SHA256

    10fb746298864930cb185c15343a2bf68ad050a7e159c169ca07e482bb66ab0b

  • SHA512

    af2798ae0e409c1a89a76b348536374187c904209a9c0905bcbd99cdf2f82ad19eda4b98b7b674aa309ef268cf734213babd4f94563d40c69f07978ee20d842e

  • SSDEEP

    3072:8dpckuDkxPa3wQWuD3gse48yrtZJsok/fH:YpitZJg28+I/f

Score
7/10
adwareevasionexecutionpersistencestealertrojan

Malware Config

Targets

    • Target

      07e625e7822aea2617c43791442dec86_JaffaCakes118

    • Size

      148KB

    • MD5

      07e625e7822aea2617c43791442dec86

    • SHA1

      e8bef818f8d7ecf0bd384c12a9004caae17fb19c

    • SHA256

      10fb746298864930cb185c15343a2bf68ad050a7e159c169ca07e482bb66ab0b

    • SHA512

      af2798ae0e409c1a89a76b348536374187c904209a9c0905bcbd99cdf2f82ad19eda4b98b7b674aa309ef268cf734213babd4f94563d40c69f07978ee20d842e

    • SSDEEP

      3072:8dpckuDkxPa3wQWuD3gse48yrtZJsok/fH:YpitZJg28+I/f

    Score
    7/10
    adwareevasionexecutionpersistencestealertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks