Overview

overview

10

Static

static

3

JaffaCakes...35.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a168a3e87ad513360084f51576a80435

  • Size

    189KB

  • Sample

    250408-yyq5psz1gy

  • MD5

    a168a3e87ad513360084f51576a80435

  • SHA1

    8c1ab58e960ec7bbac9d1994cc615e81ee037393

  • SHA256

    f9ebbf31433fe096b85efd20e808bf811fd0623406ad528246a4ec24d2380ca4

  • SHA512

    b3acc494ca323092c0235ca444e71097845294a19512651bc9de45a17c7fdb14ad771718606d96ded83f3823fb9adc912945cb8d13d6a6d4d5bd924ca58531ac

  • SSDEEP

    3072:a6JnKicCmrF7TLZYXSLS/BaKqdaPiRRgI/ZDsMRaesdy9/VkGabUf/b1p5A7:aEPcVF7TtqPEaPiRSlMwesd6kvbe/Jnk

Score
10/10
blackshadesdefense_evasiondiscoverypersistencerattrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_a168a3e87ad513360084f51576a80435

    • Size

      189KB

    • MD5

      a168a3e87ad513360084f51576a80435

    • SHA1

      8c1ab58e960ec7bbac9d1994cc615e81ee037393

    • SHA256

      f9ebbf31433fe096b85efd20e808bf811fd0623406ad528246a4ec24d2380ca4

    • SHA512

      b3acc494ca323092c0235ca444e71097845294a19512651bc9de45a17c7fdb14ad771718606d96ded83f3823fb9adc912945cb8d13d6a6d4d5bd924ca58531ac

    • SSDEEP

      3072:a6JnKicCmrF7TLZYXSLS/BaKqdaPiRRgI/ZDsMRaesdy9/VkGabUf/b1p5A7:aEPcVF7TtqPEaPiRSlMwesd6kvbe/Jnk

    Score
    10/10
    blackshadesdefense_evasiondiscoverypersistencerattrojanupx
    behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

3
T1547

Active Setup

1
T1547.014

Registry Run Keys / Startup Folder

2
T1547.001

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Abuse Elevation Control Mechanism

1
T1548

Bypass User Account Control

1
T1548.002

Boot or Logon Autostart Execution

3
T1547

Active Setup

1
T1547.014

Registry Run Keys / Startup Folder

2
T1547.001

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Defense Evasion

Abuse Elevation Control Mechanism

1
T1548

Bypass User Account Control

1
T1548.002

Impair Defenses

4
T1562

Disable or Modify System Firewall

1
T1562.004

Disable or Modify Tools

3
T1562.001

Modify Registry

9
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks