Overview

overview

8

Static

static

3

b294e18e7c...18.exe

windows7-x64

8

b294e18e7c...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    b294e18e7cba198d748cdcee578d59de_JaffaCakes118

  • Size

    79KB

  • Sample

    240821-h8rafszdnk

  • MD5

    b294e18e7cba198d748cdcee578d59de

  • SHA1

    48fa0d21c63150e6dc80b99812c0bc7ec9606d62

  • SHA256

    724333d57a79efd6b56ef0451206d4c04c90f6ed85e363bfd26c43d7f2ff5124

  • SHA512

    bd3f88fc8446d879fe97970722e8602ed87be29f9b50805d4cd393c4ac1b92b1811a4d8471f9b3fe56726801b1d11081e99e0f09dba6d583f5d86dadbd633383

  • SSDEEP

    1536:5WFro3Zoa+O9lmUPpk6iN5z0OvmiwJfrhl:5Wg4PN5FYr

Score
8/10
discoveryevasionexecutionpersistence

Malware Config

Targets

    • Target

      b294e18e7cba198d748cdcee578d59de_JaffaCakes118

    • Size

      79KB

    • MD5

      b294e18e7cba198d748cdcee578d59de

    • SHA1

      48fa0d21c63150e6dc80b99812c0bc7ec9606d62

    • SHA256

      724333d57a79efd6b56ef0451206d4c04c90f6ed85e363bfd26c43d7f2ff5124

    • SHA512

      bd3f88fc8446d879fe97970722e8602ed87be29f9b50805d4cd393c4ac1b92b1811a4d8471f9b3fe56726801b1d11081e99e0f09dba6d583f5d86dadbd633383

    • SSDEEP

      1536:5WFro3Zoa+O9lmUPpk6iN5z0OvmiwJfrhl:5Wg4PN5FYr

    Score
    8/10
    discoveryevasionexecutionpersistence

    • Stops running service(s)

      evasionexecution

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks