Overview

overview

7

Static

static

3

890a69bbd3...18.exe

windows7-x64

7

890a69bbd3...18.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    890a69bbd3bc119a853ed5202be98d08_JaffaCakes118

  • Size

    524KB

  • Sample

    240811-fc8thszcpe

  • MD5

    890a69bbd3bc119a853ed5202be98d08

  • SHA1

    dce8646a48c3e4c441024b524197017db3efe9c5

  • SHA256

    97a6c7e975ae6462ad73e76846b4fcf66c7fd38a30b51939a6b8f7bf8b0ad6d2

  • SHA512

    543ebadf06caca835ca40882b718dbf99e5190b2a5adecf18c4f319bfbc7b05beaeb41f43b5fa70e261be02d7806a869520fd43b30a806fdc5b3b26bd1b312c8

  • SSDEEP

    6144:atmFCDimSR6YJ7EfX6Rn469n1gVjfOYKvlkZN:YDDeJb4hIg

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      890a69bbd3bc119a853ed5202be98d08_JaffaCakes118

    • Size

      524KB

    • MD5

      890a69bbd3bc119a853ed5202be98d08

    • SHA1

      dce8646a48c3e4c441024b524197017db3efe9c5

    • SHA256

      97a6c7e975ae6462ad73e76846b4fcf66c7fd38a30b51939a6b8f7bf8b0ad6d2

    • SHA512

      543ebadf06caca835ca40882b718dbf99e5190b2a5adecf18c4f319bfbc7b05beaeb41f43b5fa70e261be02d7806a869520fd43b30a806fdc5b3b26bd1b312c8

    • SSDEEP

      6144:atmFCDimSR6YJ7EfX6Rn469n1gVjfOYKvlkZN:YDDeJb4hIg

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks