General

  • Target

    5dec411bee42fcd3a675fa158158e0a7_JaffaCakes118

  • Size

    496KB

  • Sample

    240719-2aw8latalk

  • MD5

    5dec411bee42fcd3a675fa158158e0a7

  • SHA1

    4054a6fe0a8f05b7e750c6ba2bb92e8c4aa43a8e

  • SHA256

    48d6cd4c6b4c013c7b72e0b7a7ba13062d8b6dbfb3e93b094bb8279d95da27da

  • SHA512

    1218925388f65a7635915d4a401dbe63869dfcf9600534f61444d35d4f3264008e1b2cd4e0c401343cf8836fcb3949194f7f26d134cdd9cdfc6fd386834836a8

  • SSDEEP

    12288:aXOqjdBB1SUhySAgRsZOWbs9St311tspgHYjJKYdeTKK:apB1dhTs0L9Sl1rseOJKG

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
