Overview

overview

10

Static

static

3

a12e1fb762...18.exe

windows7-x64

10

a12e1fb762...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a12e1fb7625b0de3a6aa13eb5c959c36_JaffaCakes118

  • Size

    335KB

  • Sample

    240817-eyaceaxapa

  • MD5

    a12e1fb7625b0de3a6aa13eb5c959c36

  • SHA1

    db47bfc4348caa7a8775a269a70b97b8429debc3

  • SHA256

    81ff00bc5eeab0229bb0e63ae2061f599f088fa9e884effb840a1832b9c3229d

  • SHA512

    0e1b55893781466a82a20f18f5db1cb17886db04041d611435c564f58468f6abc90926350069ca11ad5759bdc3ac5bba052d038912525725f12a4e7474543f06

  • SSDEEP

    6144:9e3nx3oWmDg2djppvLdqRsPuQesxKVprEOQVABkymjgmnGAVff0M:Ux3oWPMVNouPysAur6ZmHnNf0M

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      a12e1fb7625b0de3a6aa13eb5c959c36_JaffaCakes118

    • Size

      335KB

    • MD5

      a12e1fb7625b0de3a6aa13eb5c959c36

    • SHA1

      db47bfc4348caa7a8775a269a70b97b8429debc3

    • SHA256

      81ff00bc5eeab0229bb0e63ae2061f599f088fa9e884effb840a1832b9c3229d

    • SHA512

      0e1b55893781466a82a20f18f5db1cb17886db04041d611435c564f58468f6abc90926350069ca11ad5759bdc3ac5bba052d038912525725f12a4e7474543f06

    • SSDEEP

      6144:9e3nx3oWmDg2djppvLdqRsPuQesxKVprEOQVABkymjgmnGAVff0M:Ux3oWPMVNouPysAur6ZmHnNf0M

    Score
    10/10
    discoverypersistence

    • Modifies WinLogon for persistence

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks