Overview

overview

10

Static

static

3

6a5f2cae84...18.exe

windows7-x64

6a5f2cae84...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6a5f2cae84027990b6c3ef43fa786721_JaffaCakes118

  • Size

    176KB

  • Sample

    240724-fzl82azdmq

  • MD5

    6a5f2cae84027990b6c3ef43fa786721

  • SHA1

    03a011449270c4d3618a3ec8c64be648e1b393ce

  • SHA256

    5ee202e368c71a0dc650db2ed9c2373cc559899ef16fbfe48f976681bc5da5bf

  • SHA512

    7440df6fb01a3e53533d55896aae72f4c273ffd25a9fe4e9a8fa64847d1239f4a59b9b753982fac8ea3acac62a106f5aa804efbdf76db7cdf80b14619c3db6d9

  • SSDEEP

    1536:t553v5WpI90w7gzwnCmMH0JdMQl83KG2rDrGsVrz:tjv5Wpk7SwLtJdMQl83KGUDrG

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      6a5f2cae84027990b6c3ef43fa786721_JaffaCakes118

    • Size

      176KB

    • MD5

      6a5f2cae84027990b6c3ef43fa786721

    • SHA1

      03a011449270c4d3618a3ec8c64be648e1b393ce

    • SHA256

      5ee202e368c71a0dc650db2ed9c2373cc559899ef16fbfe48f976681bc5da5bf

    • SHA512

      7440df6fb01a3e53533d55896aae72f4c273ffd25a9fe4e9a8fa64847d1239f4a59b9b753982fac8ea3acac62a106f5aa804efbdf76db7cdf80b14619c3db6d9

    • SSDEEP

      1536:t553v5WpI90w7gzwnCmMH0JdMQl83KG2rDrGsVrz:tjv5Wpk7SwLtJdMQl83KGUDrG

    Score
    10/10
    discoverypersistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in Drivers directory

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks