Overview

overview

10

Static

static

3

05ca0199ad...18.dll

windows7-x64

10

05ca0199ad...18.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    05ca0199ad3129b71a49bba34425dda1_JaffaCakes118

  • Size

    236KB

  • Sample

    241001-pgssjasgph

  • MD5

    05ca0199ad3129b71a49bba34425dda1

  • SHA1

    0aea845661daf1fb1cef3785c3f3bfc493598b01

  • SHA256

    9d08d6c7937213f242d8cb1f6848b1b278f4485e6d28f5221b110e435ccd8761

  • SHA512

    a1cee57e7c20547623314f877cc1a9e83c24636c4cf1ce360e564cdc0bb8dc9f2dc0e29bd892c6872e78155e63dc1c4a3fb7bdfe672e2f3a78049b35fc725b62

  • SSDEEP

    3072:SeqmgHwlaazN9U3J+P0wFp+bLrt2wkkId:+Qj9U3jwO3rt5S

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      05ca0199ad3129b71a49bba34425dda1_JaffaCakes118

    • Size

      236KB

    • MD5

      05ca0199ad3129b71a49bba34425dda1

    • SHA1

      0aea845661daf1fb1cef3785c3f3bfc493598b01

    • SHA256

      9d08d6c7937213f242d8cb1f6848b1b278f4485e6d28f5221b110e435ccd8761

    • SHA512

      a1cee57e7c20547623314f877cc1a9e83c24636c4cf1ce360e564cdc0bb8dc9f2dc0e29bd892c6872e78155e63dc1c4a3fb7bdfe672e2f3a78049b35fc725b62

    • SSDEEP

      3072:SeqmgHwlaazN9U3J+P0wFp+bLrt2wkkId:+Qj9U3jwO3rt5S

    Score
    10/10
    discoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks