Overview

overview

7

Static

static

1

c25e730fb3...18.exe

windows7-x64

7

c25e730fb3...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c25e730fb3c243455f4da49e4c3a9f1f_JaffaCakes118

  • Size

    323KB

  • Sample

    240826-f65c7axeqb

  • MD5

    c25e730fb3c243455f4da49e4c3a9f1f

  • SHA1

    12616df9ff405d5ba9a9ccab0efc82feb5dc152d

  • SHA256

    3ea5e2a6253da3d0bf3a591ab8e128305ffaca294b770507078176280cafdaa0

  • SHA512

    03b303fccc54353e4e5602630f7ead015d15b04f830fcb0ae017c8fab9b356983738737d229380f2b9188d9a37a72332b7af0d71b834d4e85bd0ef30d6f02ae9

  • SSDEEP

    3072:JB8Nu8xX7Ol7GVlTTAt9gMNNy9sEeR7Kw1lmGSKM4hMpCTgCCcxXbsPC35ynqoRx:r8Nu8QlCVImGtn2tpCoMflokFnxKB

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      c25e730fb3c243455f4da49e4c3a9f1f_JaffaCakes118

    • Size

      323KB

    • MD5

      c25e730fb3c243455f4da49e4c3a9f1f

    • SHA1

      12616df9ff405d5ba9a9ccab0efc82feb5dc152d

    • SHA256

      3ea5e2a6253da3d0bf3a591ab8e128305ffaca294b770507078176280cafdaa0

    • SHA512

      03b303fccc54353e4e5602630f7ead015d15b04f830fcb0ae017c8fab9b356983738737d229380f2b9188d9a37a72332b7af0d71b834d4e85bd0ef30d6f02ae9

    • SSDEEP

      3072:JB8Nu8xX7Ol7GVlTTAt9gMNNy9sEeR7Kw1lmGSKM4hMpCTgCCcxXbsPC35ynqoRx:r8Nu8QlCVImGtn2tpCoMflokFnxKB

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks