Overview

overview

7

Static

static

1

cece42a3a2...18.exe

windows7-x64

7

cece42a3a2...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cece42a3a21991c8786abaef2947af91_JaffaCakes118

  • Size

    375KB

  • Sample

    240906-gfy9xszcpg

  • MD5

    cece42a3a21991c8786abaef2947af91

  • SHA1

    d19fae1efc119d697c25676b675accbcd46c1631

  • SHA256

    21febb1aaeabcc955f331056c2cbb8a91d246c5200e96242d98d52dc27935da2

  • SHA512

    ec01635a5ae66e18a70171ef176e1490cf70e8954d466c86e3ff9a81cb80ef2584a9964468b148cae28fe26965d492c5bbdf759f7ea131aa7413a82548701f17

  • SSDEEP

    6144:Qn0/zH/13lW9mLFDNrfXLXNjYR8cy+XR2S9y2zT4gJaLwiT1C:a0LHFEerj9j4xVFjN

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      cece42a3a21991c8786abaef2947af91_JaffaCakes118

    • Size

      375KB

    • MD5

      cece42a3a21991c8786abaef2947af91

    • SHA1

      d19fae1efc119d697c25676b675accbcd46c1631

    • SHA256

      21febb1aaeabcc955f331056c2cbb8a91d246c5200e96242d98d52dc27935da2

    • SHA512

      ec01635a5ae66e18a70171ef176e1490cf70e8954d466c86e3ff9a81cb80ef2584a9964468b148cae28fe26965d492c5bbdf759f7ea131aa7413a82548701f17

    • SSDEEP

      6144:Qn0/zH/13lW9mLFDNrfXLXNjYR8cy+XR2S9y2zT4gJaLwiT1C:a0LHFEerj9j4xVFjN

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks