Overview

overview

7

Static

static

3

959c3cba9c...18.exe

windows7-x64

7

959c3cba9c...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    959c3cba9c332a716f6b19acc9f0e20f_JaffaCakes118

  • Size

    312KB

  • Sample

    240814-lzc81s1bjm

  • MD5

    959c3cba9c332a716f6b19acc9f0e20f

  • SHA1

    9c9b07d28f1fd5f1c2333ab80fdf021f5d15feb3

  • SHA256

    cc20c4a458515ca9c63a3f73f171827362142fd58ec2e9117d5abcba30aeda29

  • SHA512

    41ffd78c30d4b4bd504982e3bac18929c846148478730054e24cf033a7bc7d2bc711c9ec17c3cf7986a2ddbbd4cd063be71289845a77c07a8344859430742037

  • SSDEEP

    3072:eN37+i0wu3hGtB8CJjf0WbipTfbhUZKw2a2C9fiT15ys9Z1YKh7jBrI37D/10eRM:iiiYGBzLpbshUZ32Usnru2iyIBfRe

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      959c3cba9c332a716f6b19acc9f0e20f_JaffaCakes118

    • Size

      312KB

    • MD5

      959c3cba9c332a716f6b19acc9f0e20f

    • SHA1

      9c9b07d28f1fd5f1c2333ab80fdf021f5d15feb3

    • SHA256

      cc20c4a458515ca9c63a3f73f171827362142fd58ec2e9117d5abcba30aeda29

    • SHA512

      41ffd78c30d4b4bd504982e3bac18929c846148478730054e24cf033a7bc7d2bc711c9ec17c3cf7986a2ddbbd4cd063be71289845a77c07a8344859430742037

    • SSDEEP

      3072:eN37+i0wu3hGtB8CJjf0WbipTfbhUZKw2a2C9fiT15ys9Z1YKh7jBrI37D/10eRM:iiiYGBzLpbshUZ32Usnru2iyIBfRe

    Score
    7/10
    discoverypersistence

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks