Overview

overview

7

Static

static

1

14da9c0b74...18.exe

windows7-x64

7

14da9c0b74...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14da9c0b740465e340110e7770b3964f_JaffaCakes118

  • Size

    333KB

  • Sample

    241004-zhemeavflj

  • MD5

    14da9c0b740465e340110e7770b3964f

  • SHA1

    97b0e9948e955c958f84f9eca0fc8b5956e8be37

  • SHA256

    a9a2e5d1e392fde875e5bf12c25ec17c92f91346b5fbbd58a79daaec08d7a3b6

  • SHA512

    d29797bab0e845284b42d05b009802e994023197a50c897729ba49443fd1055e8dd8cfd46096d6d42ac738fe75fa7f562c5e090ac82f355474e7ce45b4210524

  • SSDEEP

    6144:CxF74bab59oicM835IPUdv4+n+IW+xdY2DDQdsiyfxPh4eUT/1XPGL1qmY+D527z:7ba19otM83Rv+IZTbD7iy5kThGLy

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      14da9c0b740465e340110e7770b3964f_JaffaCakes118

    • Size

      333KB

    • MD5

      14da9c0b740465e340110e7770b3964f

    • SHA1

      97b0e9948e955c958f84f9eca0fc8b5956e8be37

    • SHA256

      a9a2e5d1e392fde875e5bf12c25ec17c92f91346b5fbbd58a79daaec08d7a3b6

    • SHA512

      d29797bab0e845284b42d05b009802e994023197a50c897729ba49443fd1055e8dd8cfd46096d6d42ac738fe75fa7f562c5e090ac82f355474e7ce45b4210524

    • SSDEEP

      6144:CxF74bab59oicM835IPUdv4+n+IW+xdY2DDQdsiyfxPh4eUT/1XPGL1qmY+D527z:7ba19otM83Rv+IZTbD7iy5kThGLy

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks