General

  • Target

    74e4508df91dcca124c3b0d6eb2fab17_JaffaCakes118

  • Size

    488KB

  • Sample

    240726-va6zgateld

  • MD5

    74e4508df91dcca124c3b0d6eb2fab17

  • SHA1

    0e0af57d62b126c4cab4f396aa3f659374b95280

  • SHA256

    a4a83823b8e512afcb9b6a621d555cfe48afa6b65d3dfc2fa3e495eed6314b0f

  • SHA512

    a77dec8840dbe293091416e0e4c6f510801c32fa57e92fd52d66798d9e0be792a4d6e64fdd10cfb554c4ea6e403384f47195a8489b394d4743fd92728c7a8335

  • SSDEEP

    12288:wNSIpoJ3vpAALhchj5m6dCdiIp1gcxZh2uUyqfY45FiDhyaKjK8:wIJ3BAlhj74diIHgYh2u3qt2DhA28

Targets

    • Target

      74e4508df91dcca124c3b0d6eb2fab17_JaffaCakes118

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that Internet Explorer loads as plugins at startup. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, so a new CLSID there (and the InProcServer32 path it resolves to) is the artefact to look for.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system: code in the first sector of the disk runs before the OS loader and any security product, and it survives a reinstall that does not rewrite that sector. Confirm the write by reading the first 512 bytes of the disk and comparing the bootstrap code region against a known-good image.

    • Drops file in System32 directory
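
An added example (not part of the sandbox report above) of the check the MBR signature calls for: parse a 512-byte MBR, validate its 0x55AA signature and partition table, and compare the 440-byte bootstrap code region against a baseline hash. Both MBR images below are constructed for the example; the bootstrap bytes are placeholder stubs, not real boot code or bootkit code, and the baseline hash is taken from the constructed clean image.

```python
"""Parse a 512-byte MBR and flag a modified bootstrap code region."""
import hashlib
import struct
from dataclasses import dataclass

MBR_SIZE = 512
BOOT_CODE_LEN = 440        # bytes 0x000-0x1B7: bootstrap code (what a bootkit overwrites)
DISK_SIG_OFF = 0x1B8       # 4-byte disk signature, followed by 2 reserved bytes
PART_TABLE_OFF = 0x1BE     # four 16-byte partition entries
BOOT_SIG_OFF = 0x1FE       # must be 0x55 0xAA


@dataclass
class Partition:
    bootable: bool
    type_id: int
    lba_start: int
    sectors: int


@dataclass
class Mbr:
    boot_code: bytes
    disk_signature: int
    partitions: list
    valid_signature: bool

    def boot_code_sha256(self) -> str:
        return hashlib.sha256(self.boot_code).hexdigest()


def parse_mbr(sector: bytes) -> Mbr:
    """Split a raw first sector into bootstrap code, disk signature and partition table."""
    if len(sector) != MBR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    boot_code = sector[:BOOT_CODE_LEN]
    disk_sig = struct.unpack_from("<I", sector, DISK_SIG_OFF)[0]
    partitions = []
    for i in range(4):
        # status(1) CHS-start(3) type(1) CHS-end(3) LBA-start(4) sector-count(4)
        status, ptype, lba, count = struct.unpack_from(
            "<B3xB3xII", sector, PART_TABLE_OFF + 16 * i)
        if ptype != 0:
            partitions.append(Partition(status == 0x80, ptype, lba, count))
    valid = sector[BOOT_SIG_OFF:BOOT_SIG_OFF + 2] == b"\x55\xaa"
    return Mbr(boot_code, disk_sig, partitions, valid)


def check_mbr(sector: bytes, baseline_boot_code_sha256: str) -> list:
    """Return a list of findings; an empty list means the MBR matches the baseline."""
    mbr = parse_mbr(sector)
    findings = []
    if not mbr.valid_signature:
        findings.append("missing 0x55AA boot signature")
    if mbr.boot_code_sha256() != baseline_boot_code_sha256:
        findings.append("bootstrap code differs from baseline")
    bootable = [p for p in mbr.partitions if p.bootable]
    if len(bootable) != 1:
        findings.append(f"{len(bootable)} partitions flagged bootable (expected 1)")
    return findings


def build_mbr(boot_code: bytes, partitions, disk_sig: int = 0x12345678) -> bytes:
    """Assemble a sector for the example; partitions are (bootable, type, lba, count)."""
    sector = bytearray(MBR_SIZE)
    sector[:len(boot_code)] = boot_code[:BOOT_CODE_LEN]
    struct.pack_into("<I", sector, DISK_SIG_OFF, disk_sig)
    for i, (bootable, ptype, lba, count) in enumerate(partitions):
        struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF + 16 * i,
                         0x80 if bootable else 0x00, ptype, lba, count)
    sector[BOOT_SIG_OFF:BOOT_SIG_OFF + 2] = b"\x55\xaa"
    return bytes(sector)


# Constructed clean MBR: a placeholder prologue (cli / xor ax,ax / mov ss,ax / mov sp,7C00h)
# padded with NOPs, plus one bootable NTFS (0x07) partition. Not real boot code.
CLEAN_BOOT_CODE = b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c" + b"\x90" * (BOOT_CODE_LEN - 8)
CLEAN_MBR = build_mbr(CLEAN_BOOT_CODE, [(True, 0x07, 2048, 1_000_000)])
BASELINE_SHA256 = hashlib.sha256(CLEAN_BOOT_CODE).hexdigest()

# Constructed "infected" MBR: identical partition table, bootstrap code replaced by
# filler (a far jmp followed by int3 padding). Stands in for a bootkit loader; not real.
INFECTED_BOOT_CODE = b"\xea\x00\x7c\x00\x00" + b"\xcc" * (BOOT_CODE_LEN - 5)
INFECTED_MBR = build_mbr(INFECTED_BOOT_CODE, [(True, 0x07, 2048, 1_000_000)])


if __name__ == "__main__":
    for name, sector in (("clean", CLEAN_MBR), ("infected", INFECTED_MBR)):
        print(name, check_mbr(sector, BASELINE_SHA256) or "OK")
```

On a live Windows host the first sector can be read as administrator with `open(r"\\.\PhysicalDrive0", "rb").read(512)` and passed to `check_mbr`; the baseline must be the hash of the bootstrap code from a known-good disk of the same Windows version, since the stock code differs between versions. A partition table that still looks normal while the bootstrap code hash changed is exactly the pattern a bootkit leaves.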
