Overview

overview

8

Static

static

7

f5cf99ffeb...18.exe

windows7-x64

8

f5cf99ffeb...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5cf99ffeb0c5cb2a6bc8b187159f6be_JaffaCakes118

  • Size

    61KB

  • Sample

    240417-p4akgafh87

  • MD5

    f5cf99ffeb0c5cb2a6bc8b187159f6be

  • SHA1

    93637b0044fb7af91cc34093f4a007c77088a00c

  • SHA256

    ff62f55b29ba84072f70d666727f91aba9582f84372b20892914c48392a11237

  • SHA512

    695ee7ce580f31b5e5d75d0ad1ce525cfb3ae429349be390466538b8b6429ff2a1aa851cb72c54f130647fa2e13788748307cd3a126b18c171faae86ec85b5b3

  • SSDEEP

    1536:9U8vATX1zi9OK690/Vi/bWQEMRNiGexsn7nHh:97gFi930/bWQPRSaHh

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      f5cf99ffeb0c5cb2a6bc8b187159f6be_JaffaCakes118

    • Size

      61KB

    • MD5

      f5cf99ffeb0c5cb2a6bc8b187159f6be

    • SHA1

      93637b0044fb7af91cc34093f4a007c77088a00c

    • SHA256

      ff62f55b29ba84072f70d666727f91aba9582f84372b20892914c48392a11237

    • SHA512

      695ee7ce580f31b5e5d75d0ad1ce525cfb3ae429349be390466538b8b6429ff2a1aa851cb72c54f130647fa2e13788748307cd3a126b18c171faae86ec85b5b3

    • SSDEEP

      1536:9U8vATX1zi9OK690/Vi/bWQEMRNiGexsn7nHh:97gFi930/bWQPRSaHh

    Score
    8/10
    persistenceupx

    • Modifies AppInit DLL entries

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks