General

  • Target

    JaffaCakes118_98e3d2086ee5c43d9faf801af4a7cbdb

  • Size

    24KB

  • Sample

    250330-tlh64sssfz

  • MD5

    98e3d2086ee5c43d9faf801af4a7cbdb

  • SHA1

    826fd0cee8ae48bf3ec914208fb7e49e773403d8

  • SHA256

    c475fed2f6ba0ac3c67cf84d39fe08956bd72be6857a6f5d047949c46119e44c

  • SHA512

    10bcd7590cec8f1a7f92fa9bd0f0008813aa77ba66c662013b046af5ab4d74a2ea58dc4dc51ba87a8078bfd5620d43d50c2e4e5a06a443aa9f4671cc9dcab155

  • SSDEEP

    384:Pp6CE6rdOhM0qufXwxZsN/YYj5BTMkUMpM1dUr2RqTwleANiW8T/7cE4:hbdOhM0TfgjsRYmNMuwRRqTxNrP

Targets

    • Target

      JaffaCakes118_98e3d2086ee5c43d9faf801af4a7cbdb

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15
