Overview

overview

10

Static

static

3

5a522def20...18.exe

windows7-x64

10

5a522def20...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5a522def20e7b1de6a174f18c875e741_JaffaCakes118

  • Size

    480KB

  • Sample

    240719-d7mhnavajh

  • MD5

    5a522def20e7b1de6a174f18c875e741

  • SHA1

    4fe6f5d8720c6f0b2ca11a7611ee2eacae2ba774

  • SHA256

    ba6a02347002fee362b395da467eae0e243ca5541a0d107a8044adcd668cf4d5

  • SHA512

    908f9200e053c06e0c3a288a9431b251f787e9d41f3293be8e321ae9cac9a823fdb874d40a00ae53bf5795e15d3077ff91f0828b0842d4306717c48dbf0e5fc6

  • SSDEEP

    6144:jFEi8Snk8/4Ut5aKu0qOgRDl3mRUYKbDMYzuG+3qE1bOibM9OiwCByWO/:psCEQqOgNuU39u/3qCyibg7wCcWO

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      5a522def20e7b1de6a174f18c875e741_JaffaCakes118

    • Size

      480KB

    • MD5

      5a522def20e7b1de6a174f18c875e741

    • SHA1

      4fe6f5d8720c6f0b2ca11a7611ee2eacae2ba774

    • SHA256

      ba6a02347002fee362b395da467eae0e243ca5541a0d107a8044adcd668cf4d5

    • SHA512

      908f9200e053c06e0c3a288a9431b251f787e9d41f3293be8e321ae9cac9a823fdb874d40a00ae53bf5795e15d3077ff91f0828b0842d4306717c48dbf0e5fc6

    • SSDEEP

      6144:jFEi8Snk8/4Ut5aKu0qOgRDl3mRUYKbDMYzuG+3qE1bOibM9OiwCByWO/:psCEQqOgNuU39u/3qCyibg7wCcWO

    Score
    10/10
    evasionpersistence

    • Modifies firewall policy service

      evasion

    • Adds policy Run key to start application

      persistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks