Overview

overview

10

Static

static

3

324b2b3738...18.exe

windows7-x64

10

324b2b3738...18.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    324b2b37382b2354e71deb571a796d04_JaffaCakes118

  • Size

    2.4MB

  • Sample

    240709-2rhfrszhqj

  • MD5

    324b2b37382b2354e71deb571a796d04

  • SHA1

    eae209041119afc53a059e6104dd5f8cb49eb5e9

  • SHA256

    3679370c4b95039930616bed66a5d258e1ddd02e2b7926729d5f9af79b72c788

  • SHA512

    22ada6984f81399e71973065085de30b7293f4ba8b6bf6f5b7e1319e01932df5123cba3ed3d4119126bae95a43fb32149bfd0bc3e8446936b47a8ef8526686d8

  • SSDEEP

    6144:hvpFS7WdDJ07tVfIcOk9Md4nwxVw6cH2SbaxVUawb4BVMOgeBHvLSiSb6Deh2ECu:hWoDsTP98cTbaxWnIBPL5FDehpYbJl

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      324b2b37382b2354e71deb571a796d04_JaffaCakes118

    • Size

      2.4MB

    • MD5

      324b2b37382b2354e71deb571a796d04

    • SHA1

      eae209041119afc53a059e6104dd5f8cb49eb5e9

    • SHA256

      3679370c4b95039930616bed66a5d258e1ddd02e2b7926729d5f9af79b72c788

    • SHA512

      22ada6984f81399e71973065085de30b7293f4ba8b6bf6f5b7e1319e01932df5123cba3ed3d4119126bae95a43fb32149bfd0bc3e8446936b47a8ef8526686d8

    • SSDEEP

      6144:hvpFS7WdDJ07tVfIcOk9Md4nwxVw6cH2SbaxVUawb4BVMOgeBHvLSiSb6Deh2ECu:hWoDsTP98cTbaxWnIBPL5FDehpYbJl

    Score
    10/10
    evasionpersistence

    • Modifies firewall policy service

      evasion

    • Adds policy Run key to start application

      persistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks