Overview

overview

8

Static

static

3

ea9a6ac410...18.exe

windows7-x64

ea9a6ac410...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea9a6ac4101a5a2988477e21e3d10f73_JaffaCakes118

  • Size

    244KB

  • Sample

    240919-fawfea1grq

  • MD5

    ea9a6ac4101a5a2988477e21e3d10f73

  • SHA1

    8771537a2266298dba00ace96069917fb98a242b

  • SHA256

    d5c7941b14b05c927c76dc25fd5ccf9bfb7232f2cd5f2fa2c4cb08d37f29dccf

  • SHA512

    f8993e840b8b36a88263128e61834609f38ffb4202d341aff734e76a2794fda1eb9077e5e9f365f72529d3093e011d801383652ff35c21804497f818ec6edd53

  • SSDEEP

    3072:OwJIoFdXPglh+Hbtie7zHzYKM1IBObjdKcCZymYm4vHani9JSZEI6eREzv4pL4:OLIPUQJiC0IctZv6nizBeazT

Score
8/10
adwaredefense_evasiondiscoverypersistencestealer

Malware Config

Targets

    • Target

      ea9a6ac4101a5a2988477e21e3d10f73_JaffaCakes118

    • Size

      244KB

    • MD5

      ea9a6ac4101a5a2988477e21e3d10f73

    • SHA1

      8771537a2266298dba00ace96069917fb98a242b

    • SHA256

      d5c7941b14b05c927c76dc25fd5ccf9bfb7232f2cd5f2fa2c4cb08d37f29dccf

    • SHA512

      f8993e840b8b36a88263128e61834609f38ffb4202d341aff734e76a2794fda1eb9077e5e9f365f72529d3093e011d801383652ff35c21804497f818ec6edd53

    • SSDEEP

      3072:OwJIoFdXPglh+Hbtie7zHzYKM1IBObjdKcCZymYm4vHani9JSZEI6eREzv4pL4:OLIPUQJiC0IctZv6nizBeazT

    Score
    8/10
    adwaredefense_evasiondiscoverypersistencestealer

    • Server Software Component: Terminal Services DLL

      persistence

    • Executes dropped EXE

    • Impair Defenses: Safe Mode Boot

      defense_evasion

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks