Overview

overview

8

Static

static

3

746b9e5155...18.exe

windows7-x64

8

746b9e5155...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    746b9e5155240a98d1d748a9a9eae25b_JaffaCakes118

  • Size

    60KB

  • Sample

    240726-rnlc5swgpa

  • MD5

    746b9e5155240a98d1d748a9a9eae25b

  • SHA1

    7da112336eb3540b769d467bbddbce1ccba316c3

  • SHA256

    e5789d70cecc0a47d8fe57db9afa3c6425dc2765ef69529f4474200394934e5e

  • SHA512

    aeddbca251aaa7ad1359c3d282461c5b7eb1de69773c53e34a27d5f004d58ee77dce23fbf35c35680815063bfaf89745edfa7849613d02e889165a771fe79884

  • SSDEEP

    1536:BU8Cnt9E7sSLOi69qFoc3OBWzr48A+d5CPr/50GmbQnCzw4/XliV:G8cTn+dYWzr48ndUj50GkQCzXfU

Score
8/10
defense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      746b9e5155240a98d1d748a9a9eae25b_JaffaCakes118

    • Size

      60KB

    • MD5

      746b9e5155240a98d1d748a9a9eae25b

    • SHA1

      7da112336eb3540b769d467bbddbce1ccba316c3

    • SHA256

      e5789d70cecc0a47d8fe57db9afa3c6425dc2765ef69529f4474200394934e5e

    • SHA512

      aeddbca251aaa7ad1359c3d282461c5b7eb1de69773c53e34a27d5f004d58ee77dce23fbf35c35680815063bfaf89745edfa7849613d02e889165a771fe79884

    • SSDEEP

      1536:BU8Cnt9E7sSLOi69qFoc3OBWzr48A+d5CPr/50GmbQnCzw4/XliV:G8cTn+dYWzr48ndUj50GkQCzXfU

    Score
    8/10
    defense_evasiondiscoverypersistence

    • Drops file in Drivers directory

    • Sets service image path in registry

      persistence

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks