Overview

overview

10

Static

static

3

d0788974e9...18.exe

windows7-x64

10

d0788974e9...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    d0788974e98860163c3f8ab4b291435e_JaffaCakes118

  • Size

    40KB

  • Sample

    240906-z5s4baybmp

  • MD5

    d0788974e98860163c3f8ab4b291435e

  • SHA1

    4283749ed172bb0b55c396c19413d36a254b17b9

  • SHA256

    bc1e4dc794656a2739dbcf5b66a5af70ccbf7aa2c278fe5e39049d0f51a3e94d

  • SHA512

    080ccfd646c5c6f8b55d5984ff082fe0c7a2bfae0b6205cb8f3cff929baa54e31ffb7c0a3d5a436818a454c9799419452172425b0b0411e825d52c2730732bc1

  • SSDEEP

    768:Q/qNxVq4ldw8b8Exe999VC+tUI3DoiYObPuI+2j:Q/qRqPEe999VxWI3DoiYu9

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      d0788974e98860163c3f8ab4b291435e_JaffaCakes118

    • Size

      40KB

    • MD5

      d0788974e98860163c3f8ab4b291435e

    • SHA1

      4283749ed172bb0b55c396c19413d36a254b17b9

    • SHA256

      bc1e4dc794656a2739dbcf5b66a5af70ccbf7aa2c278fe5e39049d0f51a3e94d

    • SHA512

      080ccfd646c5c6f8b55d5984ff082fe0c7a2bfae0b6205cb8f3cff929baa54e31ffb7c0a3d5a436818a454c9799419452172425b0b0411e825d52c2730732bc1

    • SSDEEP

      768:Q/qNxVq4ldw8b8Exe999VC+tUI3DoiYObPuI+2j:Q/qRqPEe999VxWI3DoiYu9

    Score
    10/10
    discoveryevasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies firewall policy service

      evasion

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks