Overview

overview

8

Static

static

3

b11c30cc27...18.exe

windows7-x64

7

b11c30cc27...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    b11c30cc27894919138c95e0e739d34c_JaffaCakes118

  • Size

    48KB

  • Sample

    240820-2hd2zswhmf

  • MD5

    b11c30cc27894919138c95e0e739d34c

  • SHA1

    d607b4300749c6527a47556cfcb25adb85fe6c89

  • SHA256

    93250c3cf3b548134bb52e3efa68230944fdcb22b7c53142d7f864c8eb454779

  • SHA512

    b2ed0baed44a91499886bb0488c850264638cc273d5445b50cd85ffa796473fe09ba7fa5e5896bbd28952ef578d0418e23ff244348ec7810e92bc7326ad4e2b9

  • SSDEEP

    768:TiZe74WY/UcnG2NHfp/mH9Y2z+I8hLpoW66eQOaAg:TPli7N/pNI+OJYOaAg

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      b11c30cc27894919138c95e0e739d34c_JaffaCakes118

    • Size

      48KB

    • MD5

      b11c30cc27894919138c95e0e739d34c

    • SHA1

      d607b4300749c6527a47556cfcb25adb85fe6c89

    • SHA256

      93250c3cf3b548134bb52e3efa68230944fdcb22b7c53142d7f864c8eb454779

    • SHA512

      b2ed0baed44a91499886bb0488c850264638cc273d5445b50cd85ffa796473fe09ba7fa5e5896bbd28952ef578d0418e23ff244348ec7810e92bc7326ad4e2b9

    • SSDEEP

      768:TiZe74WY/UcnG2NHfp/mH9Y2z+I8hLpoW66eQOaAg:TPli7N/pNI+OJYOaAg

    Score
    8/10
    discoverypersistence

    • Adds policy Run key to start application

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks