Overview

overview

8

Static

static

7

32b7db1d6e...18.exe

windows7-x64

8

32b7db1d6e...18.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    32b7db1d6e890b1ed9ede541ab4e5c5f_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240710-bgc57ayeme

  • MD5

    32b7db1d6e890b1ed9ede541ab4e5c5f

  • SHA1

    8fdf75d70d927715af4765104ae016936b8d77d6

  • SHA256

    5b361a51847a06ddee10a91604e99f0d2e9b5ff06ee33d471af5333b1521a712

  • SHA512

    97ae82eef3f8fc8cea2c1d176df8ec880e16e41770d50b2185cbe53f8abfef7fceb7f7c231f8591e02e920b3462212d328c328b54dac622ef6f56f4ee6cd4a1e

  • SSDEEP

    49152:DLwfM3KGEAszr0zvHjuZFEQCpmg5uj47pkC5/El57pqsuk8yARuvxPDfgyJ:QftvMFLG47pkCpE8yAR2xLoy

Score
8/10
evasionpersistenceprivilege_escalationthemida

Malware Config

Targets

    • Target

      32b7db1d6e890b1ed9ede541ab4e5c5f_JaffaCakes118

    • Size

      3.0MB

    • MD5

      32b7db1d6e890b1ed9ede541ab4e5c5f

    • SHA1

      8fdf75d70d927715af4765104ae016936b8d77d6

    • SHA256

      5b361a51847a06ddee10a91604e99f0d2e9b5ff06ee33d471af5333b1521a712

    • SHA512

      97ae82eef3f8fc8cea2c1d176df8ec880e16e41770d50b2185cbe53f8abfef7fceb7f7c231f8591e02e920b3462212d328c328b54dac622ef6f56f4ee6cd4a1e

    • SSDEEP

      49152:DLwfM3KGEAszr0zvHjuZFEQCpmg5uj47pkC5/El57pqsuk8yARuvxPDfgyJ:QftvMFLG47pkCpE8yAR2xLoy

    Score
    8/10
    evasionpersistenceprivilege_escalationthemida

    • Modifies Windows Firewall

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks