Overview

overview

7

Static

static

1

b996dd1675...18.exe

windows7-x64

7

b996dd1675...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    b996dd16754980fca621f270a9253132_JaffaCakes118

  • Size

    321KB

  • Sample

    240823-acvzrsxclm

  • MD5

    b996dd16754980fca621f270a9253132

  • SHA1

    b50858d8e2a1126da3434d1d29aa67c5eb3b0396

  • SHA256

    400401ddc1d04cef1a874040715fcccd08775e85de7b73c63ee766640fd7bfb8

  • SHA512

    d145a2b2d2fb215a7b9534b0976e580d7f26dcce81e1c0f0d9873d56e26edc3d3246f1e99096408355cd25d7de2ab1246834072c445eda321fdd279fe9a2630f

  • SSDEEP

    6144:+T+FQoid7PswMHScIOq1G/PG3RnC2CkErfoL:xFhiIycBqw4RC2gcL

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      b996dd16754980fca621f270a9253132_JaffaCakes118

    • Size

      321KB

    • MD5

      b996dd16754980fca621f270a9253132

    • SHA1

      b50858d8e2a1126da3434d1d29aa67c5eb3b0396

    • SHA256

      400401ddc1d04cef1a874040715fcccd08775e85de7b73c63ee766640fd7bfb8

    • SHA512

      d145a2b2d2fb215a7b9534b0976e580d7f26dcce81e1c0f0d9873d56e26edc3d3246f1e99096408355cd25d7de2ab1246834072c445eda321fdd279fe9a2630f

    • SSDEEP

      6144:+T+FQoid7PswMHScIOq1G/PG3RnC2CkErfoL:xFhiIycBqw4RC2gcL

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks