General

  • Target

    2c9b9de570b4ebb2711a69225e40a441_JaffaCakes118

  • Size

    1.3MB

  • Sample

    241009-hfbz3azbjp

  • MD5

    2c9b9de570b4ebb2711a69225e40a441

  • SHA1

    38c224bf0da76fc6df4480c93e495e365d9114a1

  • SHA256

    dc634edd5e33c38a5a7f2fee7a090bc2c8711cdf0c591e57cdd749c126ffe05b

  • SHA512

    f7cb7fdac4de34ba0d621024a559706f74f016d755e06fff9600a8b6709ea3b614c9a27315ca7274ec667b6c8f12d1e88695c5a712a1624e32d002d3d9b2139f

  • SSDEEP

    24576:RrA201EhGYtFj4InU2Qle6q/1A/FK+KKW1Nk7WSe595kwdMf0:BJJ4CU2QYXA/Ckmkwdl

Targets

    • Target

      2c9b9de570b4ebb2711a69225e40a441_JaffaCakes118

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Deletes itself

    • Executes dropped EXE

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Adds Run key to start application
