Overview

overview

10

Static

static

3

e2812a76f4...18.exe

windows7-x64

10

e2812a76f4...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2812a76f4d4a86996e6dca725854468_JaffaCakes118

  • Size

    4.7MB

  • Sample

    240915-pxp2ksterh

  • MD5

    e2812a76f4d4a86996e6dca725854468

  • SHA1

    0cf707b82e9ffea7d969e4e0737ed08c8ebabf8d

  • SHA256

    4b04b558793d7255d059baef4fedb14ad94c802b67e4c21d5c60e321851158fc

  • SHA512

    1d4215e42929d7c6ee391f25188c0821e3335a0d4844de5264ae0dbc1782d25f9fda9cdc8c54f50a3ee7e6fbc4436bc5221966ce8cb70fa2c842b46861145ce0

  • SSDEEP

    98304:JyTD5obZT0wiyKnQIoJ+eGABm7NcpYymOZd2eWby95JBHll:8HJbQIoFSJcudbO95JBH

Score
10/10
gluptebadiscoverydropperevasionloaderpersistenceprivilege_escalationtrojan

Malware Config

Targets

    • Target

      e2812a76f4d4a86996e6dca725854468_JaffaCakes118

    • Size

      4.7MB

    • MD5

      e2812a76f4d4a86996e6dca725854468

    • SHA1

      0cf707b82e9ffea7d969e4e0737ed08c8ebabf8d

    • SHA256

      4b04b558793d7255d059baef4fedb14ad94c802b67e4c21d5c60e321851158fc

    • SHA512

      1d4215e42929d7c6ee391f25188c0821e3335a0d4844de5264ae0dbc1782d25f9fda9cdc8c54f50a3ee7e6fbc4436bc5221966ce8cb70fa2c842b46861145ce0

    • SSDEEP

      98304:JyTD5obZT0wiyKnQIoJ+eGABm7NcpYymOZd2eWby95JBHll:8HJbQIoFSJcudbO95JBH

    Score
    10/10
    gluptebadiscoverydropperevasionloaderpersistenceprivilege_escalationtrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Event Triggered Execution

1
T1546

Netsh Helper DLL

1
T1546.007

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Event Triggered Execution

1
T1546

Netsh Helper DLL

1
T1546.007

Defense Evasion

Impair Defenses

3
T1562

Disable or Modify System Firewall

1
T1562.004

Disable or Modify Tools

2
T1562.001

Modify Registry

4
T1112

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Credential Access

Discovery

System Information Discovery

1
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks