Overview

overview

7

Static

static

7

5ba7fec1d9...18.exe

windows7-x64

7

5ba7fec1d9...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    5ba7fec1d9e3e2cce7400e0977e3f1b3_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240519-1pq5fsbe84

  • MD5

    5ba7fec1d9e3e2cce7400e0977e3f1b3

  • SHA1

    3fc0194f5c0dc4aa9d0204670739c2668f1d893b

  • SHA256

    e6fdea1f57c56b74ebcc5ead18ae5ca8ad657fbdc66001040cf1693008f40ab8

  • SHA512

    9e6305c01d63a2ec4a0c4375276fbc624244f2b122d32335308ab1319177e3b51ef38096cbd2677777a045a4d205f378244c5e03c9a4061f873118bddc158c20

  • SSDEEP

    24576:Vw7kl6//yr1XiZYfa61xmUmtE1oEmw5+40Cwzh92+K7jHxUuzXSAaEVjjHqe/3:+7kNr1mYCmxmltqmwokwz+7L7SAvJqef

Score
7/10
evasionupx

Malware Config

Targets

    • Target

      5ba7fec1d9e3e2cce7400e0977e3f1b3_JaffaCakes118

    • Size

      1.4MB

    • MD5

      5ba7fec1d9e3e2cce7400e0977e3f1b3

    • SHA1

      3fc0194f5c0dc4aa9d0204670739c2668f1d893b

    • SHA256

      e6fdea1f57c56b74ebcc5ead18ae5ca8ad657fbdc66001040cf1693008f40ab8

    • SHA512

      9e6305c01d63a2ec4a0c4375276fbc624244f2b122d32335308ab1319177e3b51ef38096cbd2677777a045a4d205f378244c5e03c9a4061f873118bddc158c20

    • SSDEEP

      24576:Vw7kl6//yr1XiZYfa61xmUmtE1oEmw5+40Cwzh92+K7jHxUuzXSAaEVjjHqe/3:+7kNr1mYCmxmltqmwokwz+7L7SAvJqef

    Score
    7/10
    evasionupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks