Overview

overview

8

Static

static

3

e1a9096dfd...18.exe

windows7-x64

8

e1a9096dfd...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    e1a9096dfd5c1cb08dee942ea0229aeb_JaffaCakes118

  • Size

    398KB

  • Sample

    240915-ejd22svclf

  • MD5

    e1a9096dfd5c1cb08dee942ea0229aeb

  • SHA1

    3c20a4370c34d793735cf51b5929ab0507545be3

  • SHA256

    7c0b7eca23a1ca1fc7c8cf50cac0ecb8e2c6621c289671d2211712bb69a21f2c

  • SHA512

    583e9deb5e3b03917d8fc2188e6c28288cc6007e67786844bd2986154d9fe0250f2b04e5727f9aff1922ad789550691a3e03218835c5cd08bd23e7af97350a61

  • SSDEEP

    12288:H8arSnMtLhq2cKspcxfJ0Xk4hptNSrQf/g:Ut2cKrxfihPh/g

Score
8/10
discoveryevasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      e1a9096dfd5c1cb08dee942ea0229aeb_JaffaCakes118

    • Size

      398KB

    • MD5

      e1a9096dfd5c1cb08dee942ea0229aeb

    • SHA1

      3c20a4370c34d793735cf51b5929ab0507545be3

    • SHA256

      7c0b7eca23a1ca1fc7c8cf50cac0ecb8e2c6621c289671d2211712bb69a21f2c

    • SHA512

      583e9deb5e3b03917d8fc2188e6c28288cc6007e67786844bd2986154d9fe0250f2b04e5727f9aff1922ad789550691a3e03218835c5cd08bd23e7af97350a61

    • SSDEEP

      12288:H8arSnMtLhq2cKspcxfJ0Xk4hptNSrQf/g:Ut2cKrxfihPh/g

    Score
    8/10
    discoveryevasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks