Overview

overview

8

Static

static

3

Setup.exe

windows7-x64

8

Setup.exe

windows10-2004-x64

8

run.exe

windows7-x64

8

run.exe

windows10-2004-x64

8

Setup.exe

windows7-x64

8

Setup.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    30991fa69e7b8d10bab04e9b9c5f9be0_JaffaCakes118

  • Size

    4.1MB

  • Sample

    240709-qxq5bayala

  • MD5

    30991fa69e7b8d10bab04e9b9c5f9be0

  • SHA1

    23f9881aaad62925433b651861ca984d2e38dd41

  • SHA256

    7f644c63b4ae76c1437cd408a26d1fcca96aea60e80fd82f3d2e0a210740f838

  • SHA512

    07943c722672225784e0535a29cbcad9fda64d07e0931bee138d4421c40f2bce2bab2eac1b064a4b12b72f52a7a6875cbedeeaa281b8888c55affd7c07f74e6c

  • SSDEEP

    98304:o8qT531SSpHc4B5fKh4EBt/Px0YBGL9B6dwDJyXnXHGPpN/:BqTWI8ckBm4GJwdMJsGN/

Score
8/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      Setup.exe

    • Size

      1.7MB

    • MD5

      32c979477a5e4883024236a34a68886e

    • SHA1

      2dc68c5e3a66e3935e1423e9347b7fa91c424bb2

    • SHA256

      0b79909adab9fe082c919343f6014f4f50df07b3e2668c33d58fc657db103c65

    • SHA512

      fdd8d75edde1da389caf60e291957645a7a9e6ff93af91327b741edc9e1b03c7dc6282940880e92f3b56585144f42a04f02cd0efe5fe315c2fc0055d66ae611e

    • SSDEEP

      49152:JRrIX01p1396HIZTXuXOrlp3iMrQNRM7G0+:f40N39GiTXu+DFZGt

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      run.exe

    • Size

      1.4MB

    • MD5

      ee41d6af61b68321fe189f3fb1d18be3

    • SHA1

      1f5bdad774d671d7a710b8e4fb04271d420ab773

    • SHA256

      1fe2d6fac66aa34a487a1fb41562959ce9e8ed791209fe7fe8c3ec62451586bb

    • SHA512

      ae84e4cbf8e9c061b6576dec7b969507755a1e05deb3607d08096fd18286e1812c9444209e8da3c4b2b5dfd4edfcabe3c0363d8042525a43f7536f58d70c1d32

    • SSDEEP

      24576:knyUcMU/3rcOoYVsO+CZhIkZ0WhiK33X0AniakuRTWFrZLBu3JD:k9eoYVICZd0WUK30a3kuhWBZLBK9

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral3behavioral4

    • Target

      Setup.exe

    • Size

      1.2MB

    • MD5

      e0afdc5cd14f1c43df1c2c94fcbef13b

    • SHA1

      2589d37f1ceb98617ca67991077917ac7d340bc7

    • SHA256

      2c63bed08a7b6b1f244e08788bc07ceed3c13cba5d25a09b8074be46d60b2e02

    • SHA512

      7aa19cea5b584a6f7d9af4916673110ec91e052cd2b8109f2129ed4f6d0d0fa1275b39776821b45c8340d16dad69d9a0572a090699230cf36c5850aa008411da

    • SSDEEP

      24576:dxhkuKs0ENoYYvXnVL+GR0ZMu/DR9++f6IgDxibIll:ThcKNoYukZMe1lhgVl

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks