Overview

overview

7

Static

static

3

d1d54d2c70...18.exe

windows7-x64

7

d1d54d2c70...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d1d54d2c7024df5f6c6ba10e3bb2a607_JaffaCakes118

  • Size

    148KB

  • Sample

    240907-nm5hvasdlb

  • MD5

    d1d54d2c7024df5f6c6ba10e3bb2a607

  • SHA1

    85fc23d35b46cc765a02f4a512ad324aec563690

  • SHA256

    e4e8f8e5b2867cc08bc0b0d6daa8797e048c85a1e6af13ab9855da6f85eff2dd

  • SHA512

    0dfac71db8f940d04b221e6746794d0546b348e656c7e3e528cd0bb99a3bf0e00e26c516f856fe4fe337789fb28f85a45ea3d6e5f180558840f4f863ecf47438

  • SSDEEP

    3072:7/nIQJqi7fJE0WU+THP5RhwhhsgWwXNwmhurZ:7/IinhEDUOxRmTgw9wmkV

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      d1d54d2c7024df5f6c6ba10e3bb2a607_JaffaCakes118

    • Size

      148KB

    • MD5

      d1d54d2c7024df5f6c6ba10e3bb2a607

    • SHA1

      85fc23d35b46cc765a02f4a512ad324aec563690

    • SHA256

      e4e8f8e5b2867cc08bc0b0d6daa8797e048c85a1e6af13ab9855da6f85eff2dd

    • SHA512

      0dfac71db8f940d04b221e6746794d0546b348e656c7e3e528cd0bb99a3bf0e00e26c516f856fe4fe337789fb28f85a45ea3d6e5f180558840f4f863ecf47438

    • SSDEEP

      3072:7/nIQJqi7fJE0WU+THP5RhwhhsgWwXNwmhurZ:7/IinhEDUOxRmTgw9wmkV

    Score
    7/10
    discoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks