Overview

overview

7

Static

static

3

3ef90218f0...18.exe

windows7-x64

7

3ef90218f0...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    3ef90218f0a367b9a10a0ce9bcfabfb8_JaffaCakes118

  • Size

    180KB

  • Sample

    241013-k2d3nashnm

  • MD5

    3ef90218f0a367b9a10a0ce9bcfabfb8

  • SHA1

    6ff618b70f763eeba3e1ba9666a76b9a96906f48

  • SHA256

    fb32361f26debf0e6c2dca1393ee4faed0decae88d258197476eb01172baf24f

  • SHA512

    a4578e7ecd003e6b56503b8af2a35f3756b821d0edff2c796774e198d23ce05fb2705eade59e42898698a4b2e892d15bc5da344cf6baf20bfecdcef9d55e94d9

  • SSDEEP

    3072:PX81qQFa6x61yGSGTWymaJy+qO3m2OGtOGaaDWaayhKeiLe9fr/+4tqnw14oTy1y:P8Xl61yGSGTWymaJy+qO3m2OGtOGaaDm

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      3ef90218f0a367b9a10a0ce9bcfabfb8_JaffaCakes118

    • Size

      180KB

    • MD5

      3ef90218f0a367b9a10a0ce9bcfabfb8

    • SHA1

      6ff618b70f763eeba3e1ba9666a76b9a96906f48

    • SHA256

      fb32361f26debf0e6c2dca1393ee4faed0decae88d258197476eb01172baf24f

    • SHA512

      a4578e7ecd003e6b56503b8af2a35f3756b821d0edff2c796774e198d23ce05fb2705eade59e42898698a4b2e892d15bc5da344cf6baf20bfecdcef9d55e94d9

    • SSDEEP

      3072:PX81qQFa6x61yGSGTWymaJy+qO3m2OGtOGaaDWaayhKeiLe9fr/+4tqnw14oTy1y:P8Xl61yGSGTWymaJy+qO3m2OGtOGaaDm

    Score
    7/10
    discoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks