Overview

overview

7

Static

static

1

15c88f1d39...18.exe

windows7-x64

7

15c88f1d39...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    15c88f1d3942e7fdac7c8500e0319766_JaffaCakes118

  • Size

    417KB

  • Sample

    241005-cs8lxazdqk

  • MD5

    15c88f1d3942e7fdac7c8500e0319766

  • SHA1

    a1e964345c638e4339a85f6015c5aa250703337c

  • SHA256

    678ba6d5c8e4645e135870cbee608c3bbcf35a3537b03f87f041e00d3cc05f77

  • SHA512

    3d0a6bd3a93b7e520f1030c1ada8c72fb060e140f89048b522a84e1ef7d0341d5ee32044c470726995fab8b1b1224e6a6bc4fd47af2dea08f5c1aa7df97e1528

  • SSDEEP

    6144:+SR3c/xxuwSBigBanI0k2bYw/MK+raJ3x76b6pg4E4pSlJKiLxNKSe2K:FR3WxQwYHaI0VYwEt0x72EpdoyiW

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      15c88f1d3942e7fdac7c8500e0319766_JaffaCakes118

    • Size

      417KB

    • MD5

      15c88f1d3942e7fdac7c8500e0319766

    • SHA1

      a1e964345c638e4339a85f6015c5aa250703337c

    • SHA256

      678ba6d5c8e4645e135870cbee608c3bbcf35a3537b03f87f041e00d3cc05f77

    • SHA512

      3d0a6bd3a93b7e520f1030c1ada8c72fb060e140f89048b522a84e1ef7d0341d5ee32044c470726995fab8b1b1224e6a6bc4fd47af2dea08f5c1aa7df97e1528

    • SSDEEP

      6144:+SR3c/xxuwSBigBanI0k2bYw/MK+raJ3x76b6pg4E4pSlJKiLxNKSe2K:FR3WxQwYHaI0VYwEt0x72EpdoyiW

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks