Overview

overview

7

Static

static

3

a5d4775a09...18.exe

windows7-x64

7

a5d4775a09...18.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    a5d4775a09e75dd98bc58c670057ba03_JaffaCakes118

  • Size

    349KB

  • Sample

    240818-hv712svcmq

  • MD5

    a5d4775a09e75dd98bc58c670057ba03

  • SHA1

    5799c521a69174f85c5d9aa08ce11ffcebb4d8bb

  • SHA256

    b68ffc6404bf1e25fa05d0476e0f721dfc1f87854111e27067aa9c2771075b71

  • SHA512

    5e0d24f27df6568fb6faf2f0ddce38f6c778bf5e10f897567d3b0064056339a31d2c1519c0fbc32be8562d7a09175be88df564e2a34054831cd0dbde443abea1

  • SSDEEP

    6144:+qwMPKotB6uFq/4d0OQ6iQHWSRpjvpyoWlRlDqDjl4AFyO7Qp79VulTweZ0H:mEPB65/4m6ifSRPFWlRl2t4AyiQxA8eE

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      a5d4775a09e75dd98bc58c670057ba03_JaffaCakes118

    • Size

      349KB

    • MD5

      a5d4775a09e75dd98bc58c670057ba03

    • SHA1

      5799c521a69174f85c5d9aa08ce11ffcebb4d8bb

    • SHA256

      b68ffc6404bf1e25fa05d0476e0f721dfc1f87854111e27067aa9c2771075b71

    • SHA512

      5e0d24f27df6568fb6faf2f0ddce38f6c778bf5e10f897567d3b0064056339a31d2c1519c0fbc32be8562d7a09175be88df564e2a34054831cd0dbde443abea1

    • SSDEEP

      6144:+qwMPKotB6uFq/4d0OQ6iQHWSRpjvpyoWlRlDqDjl4AFyO7Qp79VulTweZ0H:mEPB65/4m6ifSRPFWlRl2t4AyiQxA8eE

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks