General

  • Target

    a6306c79f2996f893dec6bc8fa94eb84_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240613-sknvjayanq

  • MD5

    a6306c79f2996f893dec6bc8fa94eb84

  • SHA1

    f214638c62f123ad40cf093f97f14a174962c593

  • SHA256

    9fac22e098a25975b035b01c42f1412d4daa60ffe0cffc51b71c2c8d65bec9a6

  • SHA512

    4ae7666471127ad3fb956b62637d0878e1b584fed625f9cc3b29e19910b31c59e4cf4bd22100f8413fae44d99f9028124071f2228eb565c0ed80c3b2de0080f1

  • SSDEEP

    24576:Wo6cLUSoUBJGnp7cxLy8ombKwS0DdHQWEeFB8bJ6otCZ:WhAOUGnp7HKd5fkFsZ

Score
7/10
upx

Targets

    • Target

      a6306c79f2996f893dec6bc8fa94eb84_JaffaCakes118

    • Size

      1.1MB

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $TEMP/BASSMOD.dll

    • Size

      33KB

    • MD5

      e4ec57e8508c5c4040383ebe6d367928

    • SHA1

      b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06

    • SHA256

      8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f

    • SHA512

      77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822

    • SSDEEP

      768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0

    Score
    1/10
    • Target

      $TEMP/R2RJUCE.dll

    • Size

      113KB

    • MD5

      c4b4991d621f406e49d86757ee01dd40

    • SHA1

      0570fb52e33f2434373ad74851c5811e8fb158d5

    • SHA256

      7142f93fa14137d57971611435c0faac9a1eb9e2b628df26242eeb095558c968

    • SHA512

      b38baa568ea77e77ff34c894f892bc868b321f6a7c481091c7d48e986fe078482b0ecf6123066bbe2f4d6d60aeb4e4c498cb2add2dd60dd876200b18d80b69f8

    • SSDEEP

      3072:O+Es84qJJG9KXO6Z/7tt1jKlmELcUYd4ahCMUoNSj40NAH8u3+w3:O+mkk9jtfWYvWahZUooUYo8u3+A

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $TEMP/keygen.exe

    • Size

      842KB

    • MD5

      1c662492180514144db462edca9f9d20

    • SHA1

      aa0c2cc7365c514ab75f5be46b0e73f07417c87d

    • SHA256

      dffb8c5f3b46e41e1a1815f12b8df5f10b05ff71b94bc7d243cab33d13eaa625

    • SHA512

      3a049cf4c9cadc7af1b4c1443c5f05f878a77ee07a9292faa9c49763ebfcb528370c35b97b7062ab3eb02d49a2df8a23f16a868230d36bcf6308183a663d411e

    • SSDEEP

      24576:7umonR5f5pLT5LGWA94DxMefqDLr8J5pAua7ywd:7c5pLT5LPA9IxMKqDLr8J5pAzmwd

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
