Overview

overview

10

Static

static

3

ed90108b52...18.exe

windows7-x64

10

ed90108b52...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ed90108b52c0a8056c812ae8feadf0c9_JaffaCakes118

  • Size

    80KB

  • Sample

    240920-pedwlawakb

  • MD5

    ed90108b52c0a8056c812ae8feadf0c9

  • SHA1

    54f9ed8624d88ddda67df9945f7c7e8009f78e80

  • SHA256

    d598870bb4d047e7b0a9c1bb501d41dc7a54b19a2602609da75956035ed6cd20

  • SHA512

    52bc42eb9b87ecee710fbb0c09eb76919e2494814550a4b1319018f1520852c6cd94887675145827aa6d14f1bebefc4674d840189a75ff7cc6e96b52913e073e

  • SSDEEP

    1536:+bmvfClcR9wcochd469vhTrJouvVprQp+kBP17zMmdHGCVTQR3:pXMc/wcoOx9JTrJTvVp4DcWHG

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      ed90108b52c0a8056c812ae8feadf0c9_JaffaCakes118

    • Size

      80KB

    • MD5

      ed90108b52c0a8056c812ae8feadf0c9

    • SHA1

      54f9ed8624d88ddda67df9945f7c7e8009f78e80

    • SHA256

      d598870bb4d047e7b0a9c1bb501d41dc7a54b19a2602609da75956035ed6cd20

    • SHA512

      52bc42eb9b87ecee710fbb0c09eb76919e2494814550a4b1319018f1520852c6cd94887675145827aa6d14f1bebefc4674d840189a75ff7cc6e96b52913e073e

    • SSDEEP

      1536:+bmvfClcR9wcochd469vhTrJouvVprQp+kBP17zMmdHGCVTQR3:pXMc/wcoOx9JTrJTvVp4DcWHG

    Score
    10/10
    evasionpersistencediscovery

    • Modifies WinLogon for persistence

      persistence

    • Modifies firewall policy service

      evasion

    • Disables RegEdit via registry modification

      evasion

    • Drops file in Drivers directory

    • Drops startup file

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks