Overview

overview

8

Static

static

3

486cfe059c...18.exe

windows7-x64

8

486cfe059c...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    486cfe059c4f76f00da6356f85a2b6c6_JaffaCakes118

  • Size

    403KB

  • Sample

    240715-f8hl7szfrj

  • MD5

    486cfe059c4f76f00da6356f85a2b6c6

  • SHA1

    75f31a43a0e3278d7e383471788b68193c738ec5

  • SHA256

    cd5e9f0e2b5df24b0d9e791ce7e244bee732f07938ae68502bd8912b28f496bc

  • SHA512

    3ab25a1f6f8045a688fe5d8453155381dab743ca12000eb26005d1803090c17e7545e983f8dd3cf4abb4ebc33405980f1c5ef2f714ae80b7d9d1e9da4086226e

  • SSDEEP

    6144:sEWAkz5WFzQEJiZVqv4VCzex/0YqjQK/5tXsCXhhCTHnB7TcCpSnHsnHovOG0z:/CYQXVueFhG75Kgh8h7fpznMOG0z

Score
8/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      486cfe059c4f76f00da6356f85a2b6c6_JaffaCakes118

    • Size

      403KB

    • MD5

      486cfe059c4f76f00da6356f85a2b6c6

    • SHA1

      75f31a43a0e3278d7e383471788b68193c738ec5

    • SHA256

      cd5e9f0e2b5df24b0d9e791ce7e244bee732f07938ae68502bd8912b28f496bc

    • SHA512

      3ab25a1f6f8045a688fe5d8453155381dab743ca12000eb26005d1803090c17e7545e983f8dd3cf4abb4ebc33405980f1c5ef2f714ae80b7d9d1e9da4086226e

    • SSDEEP

      6144:sEWAkz5WFzQEJiZVqv4VCzex/0YqjQK/5tXsCXhhCTHnB7TcCpSnHsnHovOG0z:/CYQXVueFhG75Kgh8h7fpznMOG0z

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks