Overview

overview

10

Static

static

3

63e7b5139a...18.exe

windows7-x64

10

63e7b5139a...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    63e7b5139afc6a5d54bebf5a518b2daf_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240521-tlj4eabd7z

  • MD5

    63e7b5139afc6a5d54bebf5a518b2daf

  • SHA1

    8e4440701672ec7591f742de92e9748649ac156f

  • SHA256

    26fd2c3c123d9a18ec4311f5a82bbe79a4190a89bce0e4d73e251f357484468f

  • SHA512

    02ddcce9f5383a05c29b1bfb33e67379717bc08047228dc047c77c81796039a8702aa0b311eb253c4855f1910700412145d62cf2a2779ea0be88b833c020ed01

  • SSDEEP

    24576:GHlsQzLKOu9Bh+p/Ps01E6TbBYGvZby9l14+eHnC2Dk6:GFsQzNuU/PLhTVY39liPC29

Score
10/10
xmrigexecutionminerpersistenceupx

Malware Config

Targets

    • Target

      63e7b5139afc6a5d54bebf5a518b2daf_JaffaCakes118

    • Size

      1.1MB

    • MD5

      63e7b5139afc6a5d54bebf5a518b2daf

    • SHA1

      8e4440701672ec7591f742de92e9748649ac156f

    • SHA256

      26fd2c3c123d9a18ec4311f5a82bbe79a4190a89bce0e4d73e251f357484468f

    • SHA512

      02ddcce9f5383a05c29b1bfb33e67379717bc08047228dc047c77c81796039a8702aa0b311eb253c4855f1910700412145d62cf2a2779ea0be88b833c020ed01

    • SSDEEP

      24576:GHlsQzLKOu9Bh+p/Ps01E6TbBYGvZby9l14+eHnC2Dk6:GFsQzNuU/PLhTVY39liPC29

    Score
    10/10
    xmrigexecutionminerpersistenceupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Creates new service(s)

      persistenceexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks