Overview

overview

7

Static

static

3

6f87cb3824...18.exe

windows7-x64

7

6f87cb3824...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    6f87cb382407d68a46aab6b603ecc78e_JaffaCakes118

  • Size

    11.4MB

  • Sample

    240725-pe8qza1dpa

  • MD5

    6f87cb382407d68a46aab6b603ecc78e

  • SHA1

    71538d4362a8f290f99c929aeda838cfa1cc4581

  • SHA256

    141510d777d20a05f0f94c011ffadc43c1220000b733baa682f6c950108eb8a9

  • SHA512

    3b5ade1cfe2d43576f011fc87597e8a697d150981536a3c49213ab83615e3b9fc6b80ac63a3639d0815b65af7fae8b49974c7b1917b8a4b1874967676a2f7978

  • SSDEEP

    49152:QWpHv/6RX01s3Fl6kr3N86bxLqsF0xatEw8zQPMk9JIT3nEWCpbqTnNKqUvOQs7l:

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      6f87cb382407d68a46aab6b603ecc78e_JaffaCakes118

    • Size

      11.4MB

    • MD5

      6f87cb382407d68a46aab6b603ecc78e

    • SHA1

      71538d4362a8f290f99c929aeda838cfa1cc4581

    • SHA256

      141510d777d20a05f0f94c011ffadc43c1220000b733baa682f6c950108eb8a9

    • SHA512

      3b5ade1cfe2d43576f011fc87597e8a697d150981536a3c49213ab83615e3b9fc6b80ac63a3639d0815b65af7fae8b49974c7b1917b8a4b1874967676a2f7978

    • SSDEEP

      49152:QWpHv/6RX01s3Fl6kr3N86bxLqsF0xatEw8zQPMk9JIT3nEWCpbqTnNKqUvOQs7l:

    Score
    7/10
    discoverypersistence

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks