Overview

overview

7

Static

static

7

fc845fae84...18.exe

windows7-x64

7

fc845fae84...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    fc845fae842ab05c4e376c2ce7c7cf10_JaffaCakes118

  • Size

    254KB

  • Sample

    240420-l6wc6sea87

  • MD5

    fc845fae842ab05c4e376c2ce7c7cf10

  • SHA1

    a041fe4324dda0b30c2ffd0c1bc4e4ee3d51ac40

  • SHA256

    afc51c0775dbc2a58258c1e64f669272eb20939a662e4069d680a9a37d41d246

  • SHA512

    a5c98e063c6522675b503573538d18271c8f2cf338a540f06f0c9d0b1c939100a9e8935281c374da234c9586987bfc93c4443e2caf6c009f946422e9f8ee8754

  • SSDEEP

    3072:peK1nX1nGODbQ7GpeK1nX1nGODbQ1AlnWAzpl5QEanCxBgPGPfjhn2UGAo0/cPa:Pnl/DUGPnl/Dq4JfaCxBrnBBo8T

Score
7/10
aspackv2persistencespywarestealer

Malware Config

Targets

    • Target

      fc845fae842ab05c4e376c2ce7c7cf10_JaffaCakes118

    • Size

      254KB

    • MD5

      fc845fae842ab05c4e376c2ce7c7cf10

    • SHA1

      a041fe4324dda0b30c2ffd0c1bc4e4ee3d51ac40

    • SHA256

      afc51c0775dbc2a58258c1e64f669272eb20939a662e4069d680a9a37d41d246

    • SHA512

      a5c98e063c6522675b503573538d18271c8f2cf338a540f06f0c9d0b1c939100a9e8935281c374da234c9586987bfc93c4443e2caf6c009f946422e9f8ee8754

    • SSDEEP

      3072:peK1nX1nGODbQ7GpeK1nX1nGODbQ1AlnWAzpl5QEanCxBgPGPfjhn2UGAo0/cPa:Pnl/DUGPnl/Dq4JfaCxBrnBBo8T

    Score
    7/10
    aspackv2persistencespywarestealer

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks