Overview

overview

10

Static

static

10

JaffaCakes...42.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a6568c74c15d79c4312ca47f9e1e3b42

  • Size

    59KB

  • Sample

    250409-xkrzeazk18

  • MD5

    a6568c74c15d79c4312ca47f9e1e3b42

  • SHA1

    63e3b8cff69eb3561dddf28b042671cb0c8d2ef4

  • SHA256

    8ccb78e4c7e15c353c3310896dcee5ab60b651743d779cb7384a66654e8a9454

  • SHA512

    e39057c7cdab408cec9e8adc73975c03f0551137adbf9b9849a79719c0cb470e07f265ed6c5f059bfa752d12591fc89c0c0e348e6fd57c066d85c15b42a1cc36

  • SSDEEP

    768:FghGEX/ija+1IJmhh9F3oPg+8ZhjPyf+dmb84ioypo/VYCfsM18wDOoHHPRiv9KU:mGEmhhMY+3fewoo2uYCqWVPAv9/3qQ9v

Score
10/10
bruteratelbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      JaffaCakes118_a6568c74c15d79c4312ca47f9e1e3b42

    • Size

      59KB

    • MD5

      a6568c74c15d79c4312ca47f9e1e3b42

    • SHA1

      63e3b8cff69eb3561dddf28b042671cb0c8d2ef4

    • SHA256

      8ccb78e4c7e15c353c3310896dcee5ab60b651743d779cb7384a66654e8a9454

    • SHA512

      e39057c7cdab408cec9e8adc73975c03f0551137adbf9b9849a79719c0cb470e07f265ed6c5f059bfa752d12591fc89c0c0e348e6fd57c066d85c15b42a1cc36

    • SSDEEP

      768:FghGEX/ija+1IJmhh9F3oPg+8ZhjPyf+dmb84ioypo/VYCfsM18wDOoHHPRiv9KU:mGEmhhMY+3fewoo2uYCqWVPAv9/3qQ9v

    Score
    10/10
    bruteratelbackdoordiscoverypersistence

    • Brute Ratel C4

      A customized command and control framework for red teaming and adversary simulation.

      backdoorbruteratel

    • Bruteratel family

      bruteratel

    • Detect BruteRatel badger

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v16

Tasks