Overview

overview

10

Static

static

3

36f3e84dd1...18.exe

windows7-x64

10

36f3e84dd1...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    36f3e84dd18ff88938bb62bf293d7c84_JaffaCakes118

  • Size

    256KB

  • Sample

    240711-afas1azgkd

  • MD5

    36f3e84dd18ff88938bb62bf293d7c84

  • SHA1

    ed989fb96fce22ca26d40f7b08f533305c100fb4

  • SHA256

    2d884952719d3c2f4dd0ed6a8a2da85ca6cf8d05afb52edb09d34c4880223367

  • SHA512

    a93e87c98925aac187e5641e1f14dc97431f3db9c6462fd8218648435fc8fd5cf0f5c31e2e4947a0990dc6f13d1213d51ae1d23af82e38bfb20158504c11fc43

  • SSDEEP

    6144:sV4xNwRjJ+X1NkxIVcp1bT+xkhlxuhuMOoi5ldM:+UwRd0z/Op1T+xk4hut95fM

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      36f3e84dd18ff88938bb62bf293d7c84_JaffaCakes118

    • Size

      256KB

    • MD5

      36f3e84dd18ff88938bb62bf293d7c84

    • SHA1

      ed989fb96fce22ca26d40f7b08f533305c100fb4

    • SHA256

      2d884952719d3c2f4dd0ed6a8a2da85ca6cf8d05afb52edb09d34c4880223367

    • SHA512

      a93e87c98925aac187e5641e1f14dc97431f3db9c6462fd8218648435fc8fd5cf0f5c31e2e4947a0990dc6f13d1213d51ae1d23af82e38bfb20158504c11fc43

    • SSDEEP

      6144:sV4xNwRjJ+X1NkxIVcp1bT+xkhlxuhuMOoi5ldM:+UwRd0z/Op1T+xk4hut95fM

    Score
    10/10
    persistencediscovery

    • Modifies WinLogon for persistence

      persistence

    • Adds Run key to start application

      persistence

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Modifies WinLogon

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks