Overview

overview

10

Static

static

3

267125977c...18.exe

windows7-x64

5

267125977c...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    267125977cb2e5a1f94c21a9a9943b79_JaffaCakes118

  • Size

    938KB

  • Sample

    241008-2fg1vstemp

  • MD5

    267125977cb2e5a1f94c21a9a9943b79

  • SHA1

    90870f2e0b259cad5c9a40988d3882cfde69d21c

  • SHA256

    e251006c1a88dca920c524d493ec16514fb393e8f33c3682948cebba69ab4998

  • SHA512

    bf4dec17414a49f8638ba8ffe45fcc62d50b83af2044f3ffd9a5d1cced37d8afda1e0e52ff10c696a460573c423ff78252fa586275057f532b6ff312da55c3b1

  • SSDEEP

    24576:yPfPf3V1DmHJLJJltyd7nFrA4H1z9pv/20M:yPfPf3+vOdhrNZv/0

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      267125977cb2e5a1f94c21a9a9943b79_JaffaCakes118

    • Size

      938KB

    • MD5

      267125977cb2e5a1f94c21a9a9943b79

    • SHA1

      90870f2e0b259cad5c9a40988d3882cfde69d21c

    • SHA256

      e251006c1a88dca920c524d493ec16514fb393e8f33c3682948cebba69ab4998

    • SHA512

      bf4dec17414a49f8638ba8ffe45fcc62d50b83af2044f3ffd9a5d1cced37d8afda1e0e52ff10c696a460573c423ff78252fa586275057f532b6ff312da55c3b1

    • SSDEEP

      24576:yPfPf3V1DmHJLJJltyd7nFrA4H1z9pv/20M:yPfPf3+vOdhrNZv/0

    Score
    10/10
    discoverypersistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks