General

  • Target

    64770c4a3e1181dc2dfa227b5b0e2169_JaffaCakes118

  • Size

    5.8MB

  • Sample

    240521-x2gj1aff64

  • MD5

    64770c4a3e1181dc2dfa227b5b0e2169

  • SHA1

    b83d11fb9f2e4bb30a1c04b02cec4df7e2983aa4

  • SHA256

    a7601962f9c7d22e8a9b442bad002177190c4a7fb06e2338a483e7fb7e0692ef

  • SHA512

    a573479b2d9ecec5a7dc86e8f10dbfc2dbda2957eab143f7abca4676d37f6d05777f2db34dea6ba4fc989635a0d3e5c8f4ee82205c85f2d6c276c73d7dbf2621

  • SSDEEP

    98304:jJdLLBuT8BQ8J8kCzg2x5AO6ly8XyJ33uy7De49SYJqFzJaA1:j7Lo8Bb7AwO6lyJD3AFb

Score
7/10

Malware Config

Targets

    • Target

      64770c4a3e1181dc2dfa227b5b0e2169_JaffaCakes118

    • Size

      5.8MB

    • MD5

      64770c4a3e1181dc2dfa227b5b0e2169

    • SHA1

      b83d11fb9f2e4bb30a1c04b02cec4df7e2983aa4

    • SHA256

      a7601962f9c7d22e8a9b442bad002177190c4a7fb06e2338a483e7fb7e0692ef

    • SHA512

      a573479b2d9ecec5a7dc86e8f10dbfc2dbda2957eab143f7abca4676d37f6d05777f2db34dea6ba4fc989635a0d3e5c8f4ee82205c85f2d6c276c73d7dbf2621

    • SSDEEP

      98304:jJdLLBuT8BQ8J8kCzg2x5AO6ly8XyJ33uy7De49SYJqFzJaA1:j7Lo8Bb7AwO6lyJD3AFb

    Score
    7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks