General

  • Target

    b72f98f14afe9299775ed2da98a77bd7_JaffaCakes118

  • Size

    313KB

  • Sample

    241202-gvgcnasphw

  • MD5

    b72f98f14afe9299775ed2da98a77bd7

  • SHA1

    0210f27fbebfadf3a52d06222e50ce596ed2db58

  • SHA256

    a92ed67fe05072b2518ca382111a82e236e4bd937f3443952db9af6148e738c7

  • SHA512

    419f465cca4f411bf2f7f0fc8a148af74bf415c768f88509deb40dbb82e76478be144fe7ced9e13771643fd84caa3631dbe4734372bcae31c6192a8f83283a74

  • SSDEEP

    3072:dQ4omAhLjkbWrJBj/yMEwTMu8IGy6YQ4omTQ4ompr85Cxr85CbQ4omF:KmkfmIBjKw6Ry+mkmF9N9cmF

Malware Config

Targets

    • Target

      b72f98f14afe9299775ed2da98a77bd7_JaffaCakes118

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
