Overview

overview

7

Static

static

3

38ea681aa0...18.exe

windows7-x64

7

38ea681aa0...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    38ea681aa0cbae184e5427beec08af5f_JaffaCakes118

  • Size

    356KB

  • Sample

    240711-nh3tfsthnp

  • MD5

    38ea681aa0cbae184e5427beec08af5f

  • SHA1

    adb753613e6603b146bbd45afe4ac2437af8d369

  • SHA256

    445c5907367d2fa0361d6c403bd6affef5332113a1ef5fab9e7a7e70ce765c8a

  • SHA512

    9e30c74917b382d7487c308c20c39b9a92c4d0bf8ae1dd9198b2e1664a16c888b565dadefc4c85f8a5b9415642b7d812ad06250e84109d8b562f1e1647074740

  • SSDEEP

    6144:7vbx8BMaCOUXupqA5CuPWALLlhhnlB1lJaYlx:7RuBPrLLlhPB1lEY

Score
7/10
persistence

Malware Config

Targets

    • Target

      38ea681aa0cbae184e5427beec08af5f_JaffaCakes118

    • Size

      356KB

    • MD5

      38ea681aa0cbae184e5427beec08af5f

    • SHA1

      adb753613e6603b146bbd45afe4ac2437af8d369

    • SHA256

      445c5907367d2fa0361d6c403bd6affef5332113a1ef5fab9e7a7e70ce765c8a

    • SHA512

      9e30c74917b382d7487c308c20c39b9a92c4d0bf8ae1dd9198b2e1664a16c888b565dadefc4c85f8a5b9415642b7d812ad06250e84109d8b562f1e1647074740

    • SSDEEP

      6144:7vbx8BMaCOUXupqA5CuPWALLlhhnlB1lJaYlx:7RuBPrLLlhPB1lEY

    Score
    7/10
    persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks