General

  • Target

    06853d5e8e894827aa6603fa31d2d507_JaffaCakes118

  • Size

    713KB

  • Sample

    241001-twypjssgpc

  • MD5

    06853d5e8e894827aa6603fa31d2d507

  • SHA1

    a289dfb6d072d2586275775f4f31be673e34c5b0

  • SHA256

    e237e1bbf8f4d16e0fdf448790fa53a35b0d2e642a08e1290dfa7d4f0ee71c10

  • SHA512

    5435c2a2e4582832a949ac40bf5ef945f526606c573ccd03c3a52364228ff5823d5699cdbb9ccbd123c0f36fe1819d645fb52a3fa30e79461b82087e95678186

  • SSDEEP

    12288:GVd1+vqJcm8E6mk+p3GVqjg2xFvpgd4Talzr/M3IvVtTLFl+rKCl5DhOk:8U1lX+pWV2npm4Tf3Ivn3iBhO

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks