Overview

overview

7

Static

static

3

b19825e5e8...18.exe

windows7-x64

7

b19825e5e8...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b19825e5e89001fd7c06c56670b023ac_JaffaCakes118

  • Size

    282KB

  • Sample

    240821-bkmtsswfnq

  • MD5

    b19825e5e89001fd7c06c56670b023ac

  • SHA1

    6b7210b800494fd6a148d7ca8414990c64108d54

  • SHA256

    40341be3547e272970b36f04b4fce4f957e297420155586305c1f8fae45dce42

  • SHA512

    c589794be4cce830a455b17685168c6678e95ad57eb8422b3832d76bcc188a048ece276bf573083c9b2da25d4cd5236c65f382717dde4f279d3de4500d048735

  • SSDEEP

    6144:n82HPKAA9jslC3NvjuqNCjV+GenP8n3JTLLe3:82HPKh9jJd/N+V+GenE3pLm

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      b19825e5e89001fd7c06c56670b023ac_JaffaCakes118

    • Size

      282KB

    • MD5

      b19825e5e89001fd7c06c56670b023ac

    • SHA1

      6b7210b800494fd6a148d7ca8414990c64108d54

    • SHA256

      40341be3547e272970b36f04b4fce4f957e297420155586305c1f8fae45dce42

    • SHA512

      c589794be4cce830a455b17685168c6678e95ad57eb8422b3832d76bcc188a048ece276bf573083c9b2da25d4cd5236c65f382717dde4f279d3de4500d048735

    • SSDEEP

      6144:n82HPKAA9jslC3NvjuqNCjV+GenP8n3JTLLe3:82HPKh9jJd/N+V+GenE3pLm

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks