General

  • Target

    10b0574b9435597f6352248e750c998a_JaffaCakes118

  • Size

    4.7MB

  • Sample

    240503-q9ks3agg5x

  • MD5

    10b0574b9435597f6352248e750c998a

  • SHA1

    7a4b5a7c6e15f86b4fe7571b82ea4c869041830a

  • SHA256

    26c749411a38e8d6185fc7b49fa173f65ae73fe7e81f7f4ae1f6812ddc378ea1

  • SHA512

    bd4c0857d5f60e9ca82a88475d71043215fc92f2b0201a3758b93c9b797ba6a718483ba7d2eb9875bcc2805b67636e0f942cfa2140cccf0302281176ede29eab

  • SSDEEP

    98304:Ae4d8iEityhkhqloaxeq7jhIXUvPBnnom2LSqLyC:nCnyhkhBaxem1tPBn2uqv

Score
7/10

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
