Overview

overview

7

Static

static

7

dedb9e172e...18.exe

windows7-x64

7

dedb9e172e...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dedb9e172e32fdaa528b86794dc505d4_JaffaCakes118

  • Size

    4.9MB

  • Sample

    240913-zeh6esyaqd

  • MD5

    dedb9e172e32fdaa528b86794dc505d4

  • SHA1

    648dfd889137380d9d813b1510a0da210bdc0bfc

  • SHA256

    871fc45e85d498d73f24b9090c4f0bf57d40d5d7bafba974835f1267cec6d839

  • SHA512

    5c7c3c5f6111d0c9c4ed0c841456d25e959ad54e34782d6262799d1874edfb959d3d3d3586578bb546ecf1aab9c2cc7c5ba8fdc7bba9050ee5b7a274c0064157

  • SSDEEP

    98304:rxVum0xbVlMtgoymPPY7W+vHyRyJLCn4nWxw9bzt1OJHI3KF:rxVh0xBlMtgoZPP6PvHyRoT5UI3KF

Score
7/10
discoverypersistencethemida

Malware Config

Targets

    • Target

      dedb9e172e32fdaa528b86794dc505d4_JaffaCakes118

    • Size

      4.9MB

    • MD5

      dedb9e172e32fdaa528b86794dc505d4

    • SHA1

      648dfd889137380d9d813b1510a0da210bdc0bfc

    • SHA256

      871fc45e85d498d73f24b9090c4f0bf57d40d5d7bafba974835f1267cec6d839

    • SHA512

      5c7c3c5f6111d0c9c4ed0c841456d25e959ad54e34782d6262799d1874edfb959d3d3d3586578bb546ecf1aab9c2cc7c5ba8fdc7bba9050ee5b7a274c0064157

    • SSDEEP

      98304:rxVum0xbVlMtgoymPPY7W+vHyRyJLCn4nWxw9bzt1OJHI3KF:rxVh0xBlMtgoZPP6PvHyRoT5UI3KF

    Score
    7/10
    discoverypersistencethemida

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks