Overview

overview

8

Static

static

3

ea85390448...18.dll

windows7-x64

8

ea85390448...18.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    ea853904480689c87eda18582964d4d8_JaffaCakes118

  • Size

    121KB

  • Sample

    240919-d9jvjszbjj

  • MD5

    ea853904480689c87eda18582964d4d8

  • SHA1

    37cb05c04261437412f1d9dabbdce749505bb951

  • SHA256

    110e795a3e5e98119684aa95a92c9a73bf76094eb0710a2f9379dee5dd2a9ff8

  • SHA512

    1ab7402fbc7ee0936b5f90ff48566ea581c7edb054bbbf615ee24b8fdb5be0f793282f19f32dd2393a6f2f2a1593c174f3c5cf7778398cafe737ddee52024d78

  • SSDEEP

    3072:WieOZAyAbvVx4L9UssB9o5bjkfyQqDn0KE1aTSx1:jkyAbNAPM9o5bjwvqAF0+

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      ea853904480689c87eda18582964d4d8_JaffaCakes118

    • Size

      121KB

    • MD5

      ea853904480689c87eda18582964d4d8

    • SHA1

      37cb05c04261437412f1d9dabbdce749505bb951

    • SHA256

      110e795a3e5e98119684aa95a92c9a73bf76094eb0710a2f9379dee5dd2a9ff8

    • SHA512

      1ab7402fbc7ee0936b5f90ff48566ea581c7edb054bbbf615ee24b8fdb5be0f793282f19f32dd2393a6f2f2a1593c174f3c5cf7778398cafe737ddee52024d78

    • SSDEEP

      3072:WieOZAyAbvVx4L9UssB9o5bjkfyQqDn0KE1aTSx1:jkyAbNAPM9o5bjwvqAF0+

    Score
    8/10
    discoverypersistence

    • Blocklisted process makes network request

    • Sets service image path in registry

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks