Overview

overview

10

Static

static

3

81c199973a...18.exe

windows7-x64

10

81c199973a...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    81c199973a5576af6afda78012e53af3_JaffaCakes118

  • Size

    80KB

  • Sample

    240801-zjnayawdnn

  • MD5

    81c199973a5576af6afda78012e53af3

  • SHA1

    d6be18215d92da4bc4cf2e2bdf17b3264c1b89e3

  • SHA256

    351619c51457e3d704c213a89436a1a123981172271dea05ea1caa5de10e25fc

  • SHA512

    e4979ca91f6d7082cf7b1107848e34a2dd3232a5f30bf83c4052c4109724ecea331412e7f9db8432e67f7b65d8f79b8312baa7c3e832b25fc03370983c034905

  • SSDEEP

    1536:fmOHV3ffrG6fo5ZCB+1Igf1BJWKeaRhdsRRYW:z13ffrG6fUUB+mYAKeajKYW

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      81c199973a5576af6afda78012e53af3_JaffaCakes118

    • Size

      80KB

    • MD5

      81c199973a5576af6afda78012e53af3

    • SHA1

      d6be18215d92da4bc4cf2e2bdf17b3264c1b89e3

    • SHA256

      351619c51457e3d704c213a89436a1a123981172271dea05ea1caa5de10e25fc

    • SHA512

      e4979ca91f6d7082cf7b1107848e34a2dd3232a5f30bf83c4052c4109724ecea331412e7f9db8432e67f7b65d8f79b8312baa7c3e832b25fc03370983c034905

    • SSDEEP

      1536:fmOHV3ffrG6fo5ZCB+1Igf1BJWKeaRhdsRRYW:z13ffrG6fUUB+mYAKeajKYW

    Score
    10/10
    discoverypersistence

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks