Overview

overview

10

Static

static

3

7238679795...18.exe

windows7-x64

10

7238679795...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7238679795aff771e485a40296292f1b_JaffaCakes118

  • Size

    30KB

  • Sample

    240726-cq2etazfqk

  • MD5

    7238679795aff771e485a40296292f1b

  • SHA1

    5d353e7a22d1f2969dc20a9dfd54bf31829277d6

  • SHA256

    9fba05575f10a37bb473be4e25bd052a8e760d7210a6738fc3548cebe01adeeb

  • SHA512

    0dd51778cc5cf14baab1b4348b7d312a66a7213e5eb8628c3200b5ae6c28708110508ae0b967af236f5651b6339e6ee0abc4ae4585477780d3b6ae83550625ec

  • SSDEEP

    768:MHeVJMf9VlBKK5e6JMgoSy8svKlyl/vjnbcuyD7UMNWGX:M+kloKtJFoLjv7lznouy8st

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      7238679795aff771e485a40296292f1b_JaffaCakes118

    • Size

      30KB

    • MD5

      7238679795aff771e485a40296292f1b

    • SHA1

      5d353e7a22d1f2969dc20a9dfd54bf31829277d6

    • SHA256

      9fba05575f10a37bb473be4e25bd052a8e760d7210a6738fc3548cebe01adeeb

    • SHA512

      0dd51778cc5cf14baab1b4348b7d312a66a7213e5eb8628c3200b5ae6c28708110508ae0b967af236f5651b6339e6ee0abc4ae4585477780d3b6ae83550625ec

    • SSDEEP

      768:MHeVJMf9VlBKK5e6JMgoSy8svKlyl/vjnbcuyD7UMNWGX:M+kloKtJFoLjv7lznouy8st

    Score
    10/10
    evasionpersistencetrojandiscovery

    • UAC bypass

      evasiontrojan

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks