General

  • Target

    13eb27e13093204ffed936e4f74fa4a0_JaffaCakes118

  • Size

    485KB

  • Sample

    241004-sxc9ka1hrq

  • MD5

    13eb27e13093204ffed936e4f74fa4a0

  • SHA1

    8c6a49265f59720917729072762be91a2039aaf0

  • SHA256

    8886cc1b9facb1d083fe81b8789352e62ddf98ff9217cf2d5d9ae9966f9c7dfe

  • SHA512

    79c5887bafcbed88fd01593d70c891acc5ff5740f7267c2c9c363d25c723ab14ce124d002ae59c3b7bf777f022243db315e388ab4b3c1019b845a970d7df1986

  • SSDEEP

    12288:iroCc//////azg728wDtJOJ35ed+GU0ymlOEF+JXPBlkJ2EvmpC8+T:AoCc//////agkDtJwN0yNEFqXPBeT

Malware Config

Targets

    • Target

      13eb27e13093204ffed936e4f74fa4a0_JaffaCakes118

    • Modifies WinLogon for persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks