Overview

overview

10

Static

static

3

4c7ea22cb6...18.exe

windows7-x64

10

4c7ea22cb6...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    4c7ea22cb61e06fe7df1168765b216d5_JaffaCakes118

  • Size

    257KB

  • Sample

    240716-day57a1gmn

  • MD5

    4c7ea22cb61e06fe7df1168765b216d5

  • SHA1

    bae76a2b3d311c79ecc19cafeca4d1e390a6834d

  • SHA256

    dcae13bf1b89388e125f1c6e259aeb2c13b53164e24d54573b5b03820ff70c19

  • SHA512

    031c18efcae73f0c92c168f2bfa93c36e564620cf2025751b3c118a6a53f0de5a74554b6ea2e1ba1e4166792e60ac8f428fa92409e85e71456a18388ca713057

  • SSDEEP

    3072:kicFgFSqXNa0s3o2MV2SwcfjUGkmj1AWFhGIhtrJG+2ozcQU8gh1yhw7yds5VLGM:hXNNSo2EscAxmpDGIhtrTpUpH15WJS3

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      4c7ea22cb61e06fe7df1168765b216d5_JaffaCakes118

    • Size

      257KB

    • MD5

      4c7ea22cb61e06fe7df1168765b216d5

    • SHA1

      bae76a2b3d311c79ecc19cafeca4d1e390a6834d

    • SHA256

      dcae13bf1b89388e125f1c6e259aeb2c13b53164e24d54573b5b03820ff70c19

    • SHA512

      031c18efcae73f0c92c168f2bfa93c36e564620cf2025751b3c118a6a53f0de5a74554b6ea2e1ba1e4166792e60ac8f428fa92409e85e71456a18388ca713057

    • SSDEEP

      3072:kicFgFSqXNa0s3o2MV2SwcfjUGkmj1AWFhGIhtrJG+2ozcQU8gh1yhw7yds5VLGM:hXNNSo2EscAxmpDGIhtrTpUpH15WJS3

    Score
    10/10
    persistencediscovery

    • Modifies WinLogon for persistence

      persistence

    • Adds Run key to start application

      persistence

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Modifies WinLogon

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks