Overview

overview

7

Static

static

1

a4abf5acd1...18.exe

windows7-x64

7

a4abf5acd1...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    a4abf5acd149777118b8636ff39981ad_JaffaCakes118

  • Size

    291KB

  • Sample

    240818-anh5caveme

  • MD5

    a4abf5acd149777118b8636ff39981ad

  • SHA1

    07c9011ed08e35dd28c7c016b5e9f18b6be5146d

  • SHA256

    646d7d8ee006743f56b3e8a8e4980877e42c90cc286ec986da7cb13046c705e7

  • SHA512

    69f40fc99126b4fbc9a2d4cb24890f881f7fa48e1b5c1ea3266fb46f6b0cb06fb1b28d4681ef89a6058bc9ab69974a1e70245b3e15f16f83b598ff051b66c141

  • SSDEEP

    6144:SFTbtMnvDpB7wY4n74fHyjZRVkc+py7u/qbWhpOKv:SfwvVZu7WoZRVGcu/qqhpZv

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      a4abf5acd149777118b8636ff39981ad_JaffaCakes118

    • Size

      291KB

    • MD5

      a4abf5acd149777118b8636ff39981ad

    • SHA1

      07c9011ed08e35dd28c7c016b5e9f18b6be5146d

    • SHA256

      646d7d8ee006743f56b3e8a8e4980877e42c90cc286ec986da7cb13046c705e7

    • SHA512

      69f40fc99126b4fbc9a2d4cb24890f881f7fa48e1b5c1ea3266fb46f6b0cb06fb1b28d4681ef89a6058bc9ab69974a1e70245b3e15f16f83b598ff051b66c141

    • SSDEEP

      6144:SFTbtMnvDpB7wY4n74fHyjZRVkc+py7u/qbWhpOKv:SfwvVZu7WoZRVGcu/qqhpZv

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks