Overview

overview

7

Static

static

3

ee1ec84198...18.exe

windows7-x64

7

ee1ec84198...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ee1ec841983e28a2f7da33a189a89124_JaffaCakes118

  • Size

    15KB

  • Sample

    240411-xmlv6sdd2v

  • MD5

    ee1ec841983e28a2f7da33a189a89124

  • SHA1

    3c6bdf64d05d6824dd60391bd041e75ea1c6b48d

  • SHA256

    b6060ab9a84b6142511ff06565a681f4f16c20924f1ca46089f37ee18f44e6be

  • SHA512

    11e204a23a8d69feb5921d928ea47c1d3a8c7db3d114005584d656d2305a8ce6af3af73ab1a836b74978c0704ef23e4cc0c334a857e6bcf183e3eb7d1d6ae1ba

  • SSDEEP

    192:9iIRC3BrWVWkytDZtEXwY0D61UpFyWBxQ1eHcubO0qbYkcEjEma:9ih3BrW4tDW+EEcWBt8kOLj

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      ee1ec841983e28a2f7da33a189a89124_JaffaCakes118

    • Size

      15KB

    • MD5

      ee1ec841983e28a2f7da33a189a89124

    • SHA1

      3c6bdf64d05d6824dd60391bd041e75ea1c6b48d

    • SHA256

      b6060ab9a84b6142511ff06565a681f4f16c20924f1ca46089f37ee18f44e6be

    • SHA512

      11e204a23a8d69feb5921d928ea47c1d3a8c7db3d114005584d656d2305a8ce6af3af73ab1a836b74978c0704ef23e4cc0c334a857e6bcf183e3eb7d1d6ae1ba

    • SSDEEP

      192:9iIRC3BrWVWkytDZtEXwY0D61UpFyWBxQ1eHcubO0qbYkcEjEma:9ih3BrW4tDW+EEcWBt8kOLj

    Score
    7/10
    persistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks