General

  • Target

    b0f304736377e55fe31b3fa3fccf0afe_JaffaCakes118

  • Size

    4.7MB

  • Sample

    240616-a2nxrawbjk

  • MD5

    b0f304736377e55fe31b3fa3fccf0afe

  • SHA1

    8541090a08b6848c6fdc7d4321aa5f828d5192a6

  • SHA256

    f999eea160b121c85dd8e87864f0a370f3747c60247683ea9ef98f0be25d852f

  • SHA512

    9d56af92258fab3ff15dbc37b40d3c21c84e3fd5641deb365c558998743cf828ef7010a4c376620d46f9b5d24bab70a74617df46cd1b0ad6b1d145e56aa6623f

  • SSDEEP

    98304:Tl88udp4A2evUNGnVuUwGLVWy0/OQmjmUah6rpHDC:yzDiNyiXfGDvg

Score
7/10

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks