Overview

overview

7

Static

static

1

ff79c6553d...18.exe

windows7-x64

7

ff79c6553d...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ff79c6553d3fb7689cf472984effcc5b_JaffaCakes118

  • Size

    290KB

  • Sample

    240929-29e4csyhqa

  • MD5

    ff79c6553d3fb7689cf472984effcc5b

  • SHA1

    ef1baa26d59fe7ad47c60bb3e83fbc9eb05abfc1

  • SHA256

    7f32fa75d05a74d9447a347f89bcb149befbab9f6e1d3bb36de1ab29a24ab5fb

  • SHA512

    c5f588d4994184acc100351c6dafeb1aeaf0f3e227ad53479f785be0cf352c2a75624c2af6a373d128e2df68061d1aa987be4972f5c95ae927a927faec9a72fe

  • SSDEEP

    6144:2fsOV09Du+Rc9DMQtc9LMojzmx1i68NbP67pkkDvarPdYLx3IhpD:KX2C9DGh1wi6APephDvoY13QpD

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      ff79c6553d3fb7689cf472984effcc5b_JaffaCakes118

    • Size

      290KB

    • MD5

      ff79c6553d3fb7689cf472984effcc5b

    • SHA1

      ef1baa26d59fe7ad47c60bb3e83fbc9eb05abfc1

    • SHA256

      7f32fa75d05a74d9447a347f89bcb149befbab9f6e1d3bb36de1ab29a24ab5fb

    • SHA512

      c5f588d4994184acc100351c6dafeb1aeaf0f3e227ad53479f785be0cf352c2a75624c2af6a373d128e2df68061d1aa987be4972f5c95ae927a927faec9a72fe

    • SSDEEP

      6144:2fsOV09Du+Rc9DMQtc9LMojzmx1i68NbP67pkkDvarPdYLx3IhpD:KX2C9DGh1wi6APephDvoY13QpD

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks