Overview

overview

8

Static

static

3

b13db57847...18.exe

windows7-x64

8

b13db57847...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    b13db5784750429a5393dba0560b3be4_JaffaCakes118

  • Size

    476KB

  • Sample

    240820-29rr6ascql

  • MD5

    b13db5784750429a5393dba0560b3be4

  • SHA1

    faaadd3aa949156ecfabfe131314ef0fb428dca6

  • SHA256

    5e71b35f061954edbedd62ab5126fd283e57bf90b865cef035d8367974cfb254

  • SHA512

    4dfe0ceb7a340803122cb51a02e68b207cee16c9b6395fe1211ed1b46f97bce141a8b35e8ab3e55cfe97a7e99ed31b0d4f8e05d7f12bdd629a5ff07f9c9682a8

  • SSDEEP

    12288:NtKe6Zv23YdqMGHG7aTX6FRZXOUZARLU6:d6Zv2OIXinXi

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      b13db5784750429a5393dba0560b3be4_JaffaCakes118

    • Size

      476KB

    • MD5

      b13db5784750429a5393dba0560b3be4

    • SHA1

      faaadd3aa949156ecfabfe131314ef0fb428dca6

    • SHA256

      5e71b35f061954edbedd62ab5126fd283e57bf90b865cef035d8367974cfb254

    • SHA512

      4dfe0ceb7a340803122cb51a02e68b207cee16c9b6395fe1211ed1b46f97bce141a8b35e8ab3e55cfe97a7e99ed31b0d4f8e05d7f12bdd629a5ff07f9c9682a8

    • SSDEEP

      12288:NtKe6Zv23YdqMGHG7aTX6FRZXOUZARLU6:d6Zv2OIXinXi

    Score
    8/10
    discoverypersistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Executes dropped EXE

    • Modifies system executable filetype association

      persistence

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks