Overview

overview

10

Static

static

3

b3b6838855...18.exe

windows7-x64

10

b3b6838855...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b3b683885596a5b798d8c7303042be5d_JaffaCakes118

  • Size

    336KB

  • Sample

    240821-q6atpa1hnd

  • MD5

    b3b683885596a5b798d8c7303042be5d

  • SHA1

    398c6d57daa6d710ec380b5c22284aabc7dcf489

  • SHA256

    d9f9108b95f8a0309904b0257d05c74a6c5a93898fc60007c19e3f0c88fa59bc

  • SHA512

    3a0ab3a761e6b021b73cdd06cf7bbaaa812990b389cf554034beb060b8ab90dd99968356ba51616cfbeb5f289c4eae46080451c0667b3f6894fc726bfb55b651

  • SSDEEP

    6144:8Z9ISZXtMC0bck9VXomSVcJLsENLIaQ2G4pu3xPu6tdxDhfaGcd6yUWppsKnSxUE:U9ISt2C0FbSVgLT57hpu3xG6Lx1faTdi

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      b3b683885596a5b798d8c7303042be5d_JaffaCakes118

    • Size

      336KB

    • MD5

      b3b683885596a5b798d8c7303042be5d

    • SHA1

      398c6d57daa6d710ec380b5c22284aabc7dcf489

    • SHA256

      d9f9108b95f8a0309904b0257d05c74a6c5a93898fc60007c19e3f0c88fa59bc

    • SHA512

      3a0ab3a761e6b021b73cdd06cf7bbaaa812990b389cf554034beb060b8ab90dd99968356ba51616cfbeb5f289c4eae46080451c0667b3f6894fc726bfb55b651

    • SSDEEP

      6144:8Z9ISZXtMC0bck9VXomSVcJLsENLIaQ2G4pu3xPu6tdxDhfaGcd6yUWppsKnSxUE:U9ISt2C0FbSVgLT57hpu3xG6Lx1faTdi

    Score
    10/10
    discoverypersistence

    • Modifies WinLogon for persistence

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks