General

  • Target

    3e1429021f99a28e1773f35439506fdb_JaffaCakes118

  • Size

    3.7MB

  • Sample

    240514-gefq7acf61

  • MD5

    3e1429021f99a28e1773f35439506fdb

  • SHA1

    c3ad93f99c15c00cd7ae397d041a8487a9b9554d

  • SHA256

    3d22331f6af2e7eb8fe787cc97b215e99b3185dc7847851489e1d81f5f519199

  • SHA512

    422f43c6dc7b18a1a3a49d1cc3f1fa3950a2a32166ee23ddc0fb7703b3c3cf279602951d339959e7a681078dbac45ff7ee1307750571f250a30cd410e193e343

  • SSDEEP

    98304:haZH4mekKrBzFy+6n0hW4VXa1V1sHrAiJ2WWsw0:haZH5KlzYlktadsLARsv

Score
7/10

Targets

    • Target

      3e1429021f99a28e1773f35439506fdb_JaffaCakes118

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer (renamed sections, altered magic) that the stock unpacker no longer recognises.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the saved register state of another thread, including its instruction pointer. Legitimate callers are mostly debuggers; malware uses it as the last step of process hollowing and thread hijacking, pointing a suspended thread at code it has written into the process.

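The UPX signature above is a structural check on the PE section table rather than a string match. The following Python is an added example, not part of the sandbox report or the sample: it parses the section headers of a minimal PE32 and applies the indicators such a signature can key on. Stock UPX leaves its section names and the "UPX!" pack-header magic in place; a modified build scrubs both, but still has the UPX layout of an empty first section (the unpack destination, no bytes on disk) followed by a writable, executable, high-entropy section holding the compressed payload and stub. The constants, the `build_pe` helper and the three sample images are constructed here for illustration.

```python
import math
import struct
from collections import Counter

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX3"}
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; compressed or encrypted data sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def pe_sections(pe: bytes) -> list:
    """Return (name, virtual_size, raw_size, raw_ptr, characteristics) per section."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                                    # IMAGE_FILE_HEADER
    nsections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]  # SizeOfOptionalHeader
    table = coff + 20 + opt_size                           # first IMAGE_SECTION_HEADER
    sections = []
    for i in range(nsections):
        off = table + 40 * i
        name = pe[off:off + 8].rstrip(b"\0")
        vsize, _vaddr, rsize, rptr = struct.unpack_from("<IIII", pe, off + 8)
        chars = struct.unpack_from("<I", pe, off + 36)[0]
        sections.append((name, vsize, rsize, rptr, chars))
    return sections


def upx_indicators(pe: bytes) -> dict:
    """The four observations a UPX / modified-UPX signature can key on."""
    secs = pe_sections(pe)
    wx_high_entropy = any(
        chars & IMAGE_SCN_MEM_EXECUTE and chars & IMAGE_SCN_MEM_WRITE
        and rsize >= 256 and shannon_entropy(pe[rptr:rptr + rsize]) > 7.0
        for _n, _v, rsize, rptr, chars in secs)
    return {
        "upx_section_names": any(s[0] in UPX_SECTION_NAMES for s in secs),  # stock UPX only
        "upx_magic": b"UPX!" in pe,          # pack-header magic, removed by modified builds
        # unpack destination: first section, large virtual size, no bytes on disk
        "empty_first_section": bool(secs) and secs[0][2] == 0 and secs[0][1] > 0,
        # compressed payload and decompressor stub share a writable, executable section
        "wx_high_entropy_section": wx_high_entropy,
    }


def is_upx_like(pe: bytes) -> bool:
    ind = upx_indicators(pe)
    return ind["upx_section_names"] or ind["upx_magic"] or (
        ind["empty_first_section"] and ind["wx_high_entropy_section"])


def build_pe(sections, trailer=b"") -> bytes:
    """Assemble a minimal PE32 for testing (constructed, not a real program).
    sections: list of (name, virtual_size, raw_bytes, characteristics)."""
    e_lfanew, opt_size, raw_base = 0x80, 0xE0, 0x400
    table = e_lfanew + 4 + 20 + opt_size
    hdr = bytearray(raw_base)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, e_lfanew)
    hdr[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    struct.pack_into("<HH", hdr, e_lfanew + 4, 0x14C, len(sections))  # i386, section count
    struct.pack_into("<H", hdr, e_lfanew + 20, opt_size)
    struct.pack_into("<H", hdr, e_lfanew + 24, 0x10B)                 # PE32 magic
    body, vaddr = bytearray(), 0x1000
    for i, (name, vsize, data, chars) in enumerate(sections):
        off = table + 40 * i
        hdr[off:off + 8] = name.ljust(8, b"\0")
        struct.pack_into("<IIII", hdr, off + 8, vsize, vaddr, len(data), raw_base + len(body))
        struct.pack_into("<I", hdr, off + 36, chars)
        body += data
        vaddr += (vsize + 0xFFF) & ~0xFFF
    return bytes(hdr) + bytes(body) + trailer


# Constructed inputs: a byte permutation repeated twice has entropy 8.0 and stands in
# for compressed data; the plain .text is a short prologue padded with NOPs.
HIGH_ENTROPY = bytes((i * 131 + 17) & 0xFF for i in range(512))
LOW_ENTROPY = b"\x55\x8b\xec" + b"\x90" * 509
WX_CODE, RX_CODE, RW_DATA = 0xE0000040, 0x60000020, 0xC0000040

STOCK_UPX = build_pe([(b"UPX0", 0x10000, b"", WX_CODE),
                      (b"UPX1", 0x3000, HIGH_ENTROPY, WX_CODE),
                      (b".rsrc", 0x1000, b"\0" * 256, RW_DATA)], trailer=b"UPX!")
MODIFIED_UPX = build_pe([(b".text", 0x10000, b"", WX_CODE),          # names renamed,
                         (b".data", 0x3000, HIGH_ENTROPY, WX_CODE),  # magic removed
                         (b".rsrc", 0x1000, b"\0" * 256, RW_DATA)])
PLAIN_EXE = build_pe([(b".text", 0x200, LOW_ENTROPY, RX_CODE),
                      (b".data", 0x100, b"\0" * 256, RW_DATA)])
```

Run against a real sample, `upx_indicators` separates the two cases the signature text lumps together: all four flags set means stock UPX and `upx -d` will likely work; only the two structural flags set means a modified build, and the sample has to be unpacked dynamically (run to the stub's tail jump and dump) instead.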
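The drive-mapping signature above is raised for reads of disk information from the registry; on Windows the key that maps drive letters to volumes is HKLM\SYSTEM\MountedDevices. The following Python is an added example, not code from the report or the sample. It decodes the three value encodings found under that key (12-byte MBR records of disk signature plus partition offset, 24-byte GPT records of "DMIO:ID:" plus partition GUID, and UTF-16LE device interface paths) and summarises what a sandbox-aware sample learns from a single pass: how many drive letters and distinct volumes exist, how many physical MBR disks back them, and whether any device path names a hypervisor vendor. The hive contents and the vendor watchlist are constructed for the example.

```python
import struct
import uuid

# Vendor tokens that appear in the device interface paths of virtual hardware.
# Illustrative watchlist chosen for this example, not taken from the report.
VM_MARKERS = ("VBOX", "VMWARE", "QEMU", "VIRTUAL", "XEN")


def decode_mounted_device(data: bytes) -> dict:
    """Decode the data of one HKLM\\SYSTEM\\MountedDevices value.

    Three encodings occur: 12 bytes for a volume on an MBR disk (NT disk
    signature + partition start offset), 24 bytes beginning "DMIO:ID:" for a
    GPT partition (followed by its partition GUID), and a UTF-16LE device
    interface path for everything else (USB sticks, optical drives, ...).
    """
    if len(data) == 12:
        signature, offset = struct.unpack("<IQ", data)
        return {"kind": "mbr", "id": f"{signature:08X}", "offset": offset}
    if len(data) == 24 and data.startswith(b"DMIO:ID:"):
        return {"kind": "gpt", "id": str(uuid.UUID(bytes_le=data[8:]))}
    try:
        return {"kind": "path", "id": data.decode("utf-16-le").rstrip("\0")}
    except UnicodeDecodeError:          # odd length or invalid surrogates
        return {"kind": "unknown", "id": data.hex()}


def profile_drives(mounted_devices: dict) -> dict:
    """What a sample learns from one pass over MountedDevices: drive letters,
    distinct volumes, physical MBR disks, and hypervisor vendors in device paths."""
    letters, mbr_disks, markers = [], set(), set()
    for name, data in mounted_devices.items():
        rec = decode_mounted_device(data)
        if name.startswith("\\DosDevices\\"):
            letters.append(name.rsplit("\\", 1)[1])
        if rec["kind"] == "mbr":
            mbr_disks.add(rec["id"])
        elif rec["kind"] == "path":
            markers.update(m for m in VM_MARKERS if m in rec["id"].upper())
    return {
        "letters": sorted(letters),
        # a drive letter and its \??\Volume{GUID} alias carry identical data
        "volumes": len(set(mounted_devices.values())),
        "mbr_disks": sorted(mbr_disks),
        "vm_markers": sorted(markers),
    }


# Constructed hive contents standing in for an exported MountedDevices key.
# The VBOX CD-ROM path is abbreviated from the real pattern.
C_VOLUME = struct.pack("<IQ", 0x1A2B3C4D, 0x100000)   # disk 1A2B3C4D, partition 1 MiB in
SAMPLE_MOUNTED_DEVICES = {
    "\\DosDevices\\C:": C_VOLUME,
    "\\??\\Volume{b0c1d2e3-0000-4000-8000-000000000001}": C_VOLUME,   # GUID alias of C:
    "\\DosDevices\\D:": b"DMIO:ID:" + uuid.UUID("8f5a1e2c-3b4d-4e5f-8a9b-0c1d2e3f4a5b").bytes_le,
    "\\DosDevices\\E:": ("\\??\\IDE#CdRomVBOX_CD-ROM_1.0#5&1f2e3d4c&0&0.0.0#"
                         "{53f56308-b6bf-11d0-94f2-00a0c91efb8b}").encode("utf-16-le"),
}

if __name__ == "__main__":
    print(profile_drives(SAMPLE_MOUNTED_DEVICES))
```

A profile of one MBR disk, two or three volumes and a vendor string in an optical-drive path is exactly the shape a default analysis VM presents, which is why a read of this key is worth flagging even though the API call itself is benign.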
MITRE ATT&CK Enterprise v15