Overview

overview

7

Static

static

3

72062bd22e...18.exe

windows7-x64

7

72062bd22e...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    72062bd22e0af0e97b4861889fa51df8_JaffaCakes118

  • Size

    282KB

  • Sample

    240726-bk29gsxakk

  • MD5

    72062bd22e0af0e97b4861889fa51df8

  • SHA1

    a655f3d279c835797b07278d072027c546ca6032

  • SHA256

    9ce33b4f37c67b4792d66e8134c8668a6d55361edb9702fcaa63d17f5771faf7

  • SHA512

    0290a3269386c9c1db0aad47b4eb14999fcb05da50c2498bc3fa4daae187c17217afbbfa76617a5978fa96796605925ee48500cfb4f37c269bc67e626746bb42

  • SSDEEP

    6144:YQ2HPZA9jslC3Nvju9NCjV+GenP8L3JTLLeV:/2HPe9jJdwN+V+GenEDpLk

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      72062bd22e0af0e97b4861889fa51df8_JaffaCakes118

    • Size

      282KB

    • MD5

      72062bd22e0af0e97b4861889fa51df8

    • SHA1

      a655f3d279c835797b07278d072027c546ca6032

    • SHA256

      9ce33b4f37c67b4792d66e8134c8668a6d55361edb9702fcaa63d17f5771faf7

    • SHA512

      0290a3269386c9c1db0aad47b4eb14999fcb05da50c2498bc3fa4daae187c17217afbbfa76617a5978fa96796605925ee48500cfb4f37c269bc67e626746bb42

    • SSDEEP

      6144:YQ2HPZA9jslC3Nvju9NCjV+GenP8L3JTLLeV:/2HPe9jJdwN+V+GenEDpLk

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks