Overview

overview

7

Static

static

1

eb1be45ca7...18.exe

windows7-x64

7

eb1be45ca7...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eb1be45ca74b636121d6feb21fced212_JaffaCakes118

  • Size

    295KB

  • Sample

    240919-l6x7rstdnm

  • MD5

    eb1be45ca74b636121d6feb21fced212

  • SHA1

    05b5d2d50ad24a19fd66e4eaf3170442635b2e8e

  • SHA256

    721778ca9d9c2a547e534f7b3ec2c3064f27d689a331b7e51e7fd191ea141ba1

  • SHA512

    d4752e10f2a0abc4052af1a8061926fa9b921d7c8b8e7e4b9744680bd17bae611e43d2b549ce1847cb218e017064e14f9e3b977591a7451d12ddbadc4319db33

  • SSDEEP

    6144:PiGtsLNAlqNC+M+1PTG/qm/PgCnmUSFMhl4b+M/oI29uKw:6GtsLKt+x1PTEn/iUSFM8b+rI25w

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      eb1be45ca74b636121d6feb21fced212_JaffaCakes118

    • Size

      295KB

    • MD5

      eb1be45ca74b636121d6feb21fced212

    • SHA1

      05b5d2d50ad24a19fd66e4eaf3170442635b2e8e

    • SHA256

      721778ca9d9c2a547e534f7b3ec2c3064f27d689a331b7e51e7fd191ea141ba1

    • SHA512

      d4752e10f2a0abc4052af1a8061926fa9b921d7c8b8e7e4b9744680bd17bae611e43d2b549ce1847cb218e017064e14f9e3b977591a7451d12ddbadc4319db33

    • SSDEEP

      6144:PiGtsLNAlqNC+M+1PTG/qm/PgCnmUSFMhl4b+M/oI29uKw:6GtsLKt+x1PTEn/iUSFM8b+rI25w

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks