General

  • Target

    4442240ba830bb1d5093ec6904091d2a_JaffaCakes118

  • Size

    3.4MB

  • Sample

    240515-deyp8aec83

  • MD5

    4442240ba830bb1d5093ec6904091d2a

  • SHA1

    db7ef70ef60f9db0349e67844e8db289fc99edd9

  • SHA256

    210e44ef10b6a627a39f4cf45780fcdaf1ade2287367aeeed9afa593054b6219

  • SHA512

    c1799f69a7059bf23fdeebed331fa59cbaa5774e5f31f58ecb118868f9ef0459f5499058c9a4fea2cd65f246be3d2d5327c3c60d6e0bf3735e8dd41fbad85b1e

  • SSDEEP

    49152:P5l3vsadSXs4lL3cH1k0albNY4EshSbHSo9j/TrOllMl2oKYB7bOoGk4I09yJuT:Pz0zlQH18l+4EPeot/TrOllU8JsuT

Score
9/10

Targets

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
