Overview

overview

7

Static

static

3

73ac3d3671...18.exe

windows7-x64

7

73ac3d3671...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    73ac3d3671c55618e31e2e3d668d3186_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240525-3xq6jafb3x

  • MD5

    73ac3d3671c55618e31e2e3d668d3186

  • SHA1

    dbb54bed305f77af2cb299ac843e9e0a137ef65c

  • SHA256

    73a98a6b391f978179322edba6ab525d86adba220ab4ed219b8f9ecec021959b

  • SHA512

    1bebe1e36321817662f07eff1d2e30bce155482aeb2a7ea5171b6a8e471d4f8cd65dde6eb10d27a5e18b05b9ece824de90027d5102b1c53a67ee9fd1a6381f1d

  • SSDEEP

    24576:pRfype0AqV38mJNv3/AbEYnwf3W8QgJO/CwBSmq28wy5kYc:pR6peU8m7/A/nQikO3smq2FkkR

Score
7/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      73ac3d3671c55618e31e2e3d668d3186_JaffaCakes118

    • Size

      1.0MB

    • MD5

      73ac3d3671c55618e31e2e3d668d3186

    • SHA1

      dbb54bed305f77af2cb299ac843e9e0a137ef65c

    • SHA256

      73a98a6b391f978179322edba6ab525d86adba220ab4ed219b8f9ecec021959b

    • SHA512

      1bebe1e36321817662f07eff1d2e30bce155482aeb2a7ea5171b6a8e471d4f8cd65dde6eb10d27a5e18b05b9ece824de90027d5102b1c53a67ee9fd1a6381f1d

    • SSDEEP

      24576:pRfype0AqV38mJNv3/AbEYnwf3W8QgJO/CwBSmq28wy5kYc:pR6peU8m7/A/nQikO3smq2FkkR

    Score
    7/10
    discoverypersistencespywarestealerupx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks