Overview

overview

7

Static

static

7

157d61f1a1...18.exe

windows7-x64

7

157d61f1a1...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    157d61f1a14a22afb5a349f19cbe40f8_JaffaCakes118

  • Size

    4.0MB

  • Sample

    240329-b8f16aeh65

  • MD5

    157d61f1a14a22afb5a349f19cbe40f8

  • SHA1

    32f4c548af98c588099598ff99259a41924cb661

  • SHA256

    815d88003f0ff71765f00c1c9ffead45a3a5d35d7f7ce118b4e50f84c54fac1e

  • SHA512

    a2e8150ab960ee73e74d7aeda14ee3b5f593e1b6b041c82772f4142da22e81fd0ad99240c3327e8e354707f8e96e06a1e516c2b3be25329f0e48bd61f2e968af

  • SSDEEP

    49152:PoFQC6mZq8J2OVijbTpTdc+M9XbgeN3LGmP7:gt6roZX7z7

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      157d61f1a14a22afb5a349f19cbe40f8_JaffaCakes118

    • Size

      4.0MB

    • MD5

      157d61f1a14a22afb5a349f19cbe40f8

    • SHA1

      32f4c548af98c588099598ff99259a41924cb661

    • SHA256

      815d88003f0ff71765f00c1c9ffead45a3a5d35d7f7ce118b4e50f84c54fac1e

    • SHA512

      a2e8150ab960ee73e74d7aeda14ee3b5f593e1b6b041c82772f4142da22e81fd0ad99240c3327e8e354707f8e96e06a1e516c2b3be25329f0e48bd61f2e968af

    • SSDEEP

      49152:PoFQC6mZq8J2OVijbTpTdc+M9XbgeN3LGmP7:gt6roZX7z7

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks