Overview

overview

7

Static

static

3

36b4cb0821...18.exe

windows7-x64

7

36b4cb0821...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    36b4cb08211b0428ac44209ff4860b41_JaffaCakes118

  • Size

    677KB

  • Sample

    240511-1nby5saf31

  • MD5

    36b4cb08211b0428ac44209ff4860b41

  • SHA1

    0336cf962ca7bbe4e8ceb5fd7870c8e51a04bb75

  • SHA256

    1b3190bd9170d8a74c558e674de5d62bb868c4a6a4187a03055534d4e1f6834a

  • SHA512

    3005ac93de4645536757ef16a0b18acfe6d05fb2c9f21ea0903ee873cb81db9db65c60b486fc9d2bb128d57a1dd3b77839f46b2a4c1ed637f32a746e7df2904f

  • SSDEEP

    12288:6PzEdQf8PKZuysOiaf8ubxUT66bbj3WwhFNHuRPMrxaHdrv9dDN6:2SQfVuyse3tUTrjGwoPAIdR

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      36b4cb08211b0428ac44209ff4860b41_JaffaCakes118

    • Size

      677KB

    • MD5

      36b4cb08211b0428ac44209ff4860b41

    • SHA1

      0336cf962ca7bbe4e8ceb5fd7870c8e51a04bb75

    • SHA256

      1b3190bd9170d8a74c558e674de5d62bb868c4a6a4187a03055534d4e1f6834a

    • SHA512

      3005ac93de4645536757ef16a0b18acfe6d05fb2c9f21ea0903ee873cb81db9db65c60b486fc9d2bb128d57a1dd3b77839f46b2a4c1ed637f32a746e7df2904f

    • SSDEEP

      12288:6PzEdQf8PKZuysOiaf8ubxUT66bbj3WwhFNHuRPMrxaHdrv9dDN6:2SQfVuyse3tUTrjGwoPAIdR

    Score
    7/10
    persistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks