Overview

overview

10

Static

static

3

ffa2e3ea84...18.exe

windows7-x64

10

ffa2e3ea84...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    ffa2e3ea8478cbe88742b4b5db02996f_JaffaCakes118

  • Size

    139KB

  • Sample

    240421-tbhslaee73

  • MD5

    ffa2e3ea8478cbe88742b4b5db02996f

  • SHA1

    5bdebec53d8980056ba096a71b4854d6f7ce7ba7

  • SHA256

    c94b23825e2fefa33f7bf4d65341638aa3324546d8fb776bf06f08fbe0b28939

  • SHA512

    b27fd6943978e1ed89a6b8c796ea37790c37abd9c01d49571b678bdfe77ced4ca0a224834f380341b1b11e355be9b584688be5e8a2bb1a61d12fd4860fe8cca3

  • SSDEEP

    3072:f3jZEN4Po8F535lw57GY0Z8FOwxyTJYzGFjyxA+I6z1EV1N0leSdHk:7+NYTF533w57GY0+DxUJD5yxARUxgSdE

Score
10/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      ffa2e3ea8478cbe88742b4b5db02996f_JaffaCakes118

    • Size

      139KB

    • MD5

      ffa2e3ea8478cbe88742b4b5db02996f

    • SHA1

      5bdebec53d8980056ba096a71b4854d6f7ce7ba7

    • SHA256

      c94b23825e2fefa33f7bf4d65341638aa3324546d8fb776bf06f08fbe0b28939

    • SHA512

      b27fd6943978e1ed89a6b8c796ea37790c37abd9c01d49571b678bdfe77ced4ca0a224834f380341b1b11e355be9b584688be5e8a2bb1a61d12fd4860fe8cca3

    • SSDEEP

      3072:f3jZEN4Po8F535lw57GY0Z8FOwxyTJYzGFjyxA+I6z1EV1N0leSdHk:7+NYTF533w57GY0+DxUJD5yxARUxgSdE

    Score
    10/10
    persistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks