General

  • Target

    0827b32f15e2d850cfa269b017207aaf_JaffaCakes118

  • Size

    301KB

  • Sample

    240624-m8nlsasenm

  • MD5

    0827b32f15e2d850cfa269b017207aaf

  • SHA1

    aa51719a47a48ee8c239ab03a78a41a00d212317

  • SHA256

    400c5c264a18dc4cf49342f66cf8d473394ef0ca11c08ad9f064be7211986069

  • SHA512

    0d8782fc9dec596594fe77db59725e0cd30cf568ee449ac1d4bd5ccd76ac16914576b357e6de6e13a1c0e11ade6724f77b3e94fb23d2fbce64e5f1e1a0c06553

  • SSDEEP

    6144:k5QDj7VtqyNhni4LJoZUHektYJQGX8vCQZVFKY4fgATvEo/+LPOCljo9VcIWQiLH:k52H1JVouHeIYr8vbVFKVgGEo2LPOC64

Malware Config

Targets

    • Target

      0827b32f15e2d850cfa269b017207aaf_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to (or away from) particular regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer, or a modified UPX build that renames or obfuscates its section headers.

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plug-ins for Internet Explorer; they are registered by CLSID under the Browser Helper Objects registry key and are loaded into every IE process.

    • Drops file in System32 directory

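The three signatures above that an analyst can re-check offline are the UPX packing, the hash identity of the file being examined, and the registry paths behind the geofence, Run-key and BHO findings. The following is an added example, not code from the report or from the sandbox that produced it. It parses the PE section table from raw bytes and applies two UPX heuristics (stock UPX section names, and a first section that has a virtual size but zero bytes on disk, which is where a modified UPX stub still has to unpack to), compares a file's hashes with the values in the report, and tags registry key paths with the signature they correspond to. The `build_minimal_pe` helper fabricates a header-only PE32 image purely as constructed test input; the registry paths and the `SIGNATURE_KEYS` substrings are assumptions about typical sandbox event formatting, and `{CLSID}` is a placeholder, not a value taken from this sample.

```python
import hashlib
import struct

# Hashes copied from the report above; used to confirm the file on disk is this sample.
REPORT_SHA256 = "400c5c264a18dc4cf49342f66cf8d473394ef0ca11c08ad9f064be7211986069"
REPORT_MD5 = "0827b32f15e2d850cfa269b017207aaf"

# Registry locations behind three of the report's signatures (substring match, case-insensitive).
# Assumption: sandbox registry events are available as backslash-separated key paths.
SIGNATURE_KEYS = {
    "run_key": r"\software\microsoft\windows\currentversion\run",  # also matches RunOnce
    "bho": r"\software\microsoft\windows\currentversion\explorer\browser helper objects",
    "geo_lookup": r"\control panel\international",  # Geo\Nation, sCountry and friends
}


def hashes_match_report(data: bytes):
    """Return (sha256_ok, md5_ok) for a candidate file against the report's values."""
    return (hashlib.sha256(data).hexdigest() == REPORT_SHA256,
            hashlib.md5(data).hexdigest() == REPORT_MD5)


def parse_sections(data: bytes):
    """Parse the PE section table; returns [(name, virtual_size, raw_size), ...]."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                   # COFF file header follows the signature
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size                          # section table follows the optional header
    sections = []
    for i in range(num_sections):
        off = table + 40 * i                              # each IMAGE_SECTION_HEADER is 40 bytes
        name = data[off:off + 8].rstrip(b"\x00").decode("ascii", "replace")
        vsize = struct.unpack_from("<I", data, off + 8)[0]
        raw = struct.unpack_from("<I", data, off + 16)[0]
        sections.append((name, vsize, raw))
    return sections


def upx_indicators(sections):
    """Heuristics for stock and modified UPX: UPX* section names, and a first section
    that occupies memory but has no bytes on disk (the region the stub unpacks into)."""
    hits = [f"section named {name!r}" for name, _, _ in sections if name.upper().startswith("UPX")]
    if sections and sections[0][2] == 0 and sections[0][1] > 0:
        hits.append("first section has zero raw size but nonzero virtual size")
    return hits


def is_upx_packed(data: bytes) -> bool:
    return bool(upx_indicators(parse_sections(data)))


def classify_registry_path(path: str):
    """Tag a registry key path with the report signatures it corresponds to."""
    p = path.lower()
    return [tag for tag, needle in SIGNATURE_KEYS.items() if needle in p]


def build_minimal_pe(sections):
    """Constructed PE32 header-only image for testing; it contains no code and is not runnable."""
    e_lfanew = 0x80
    dos = bytearray(b"MZ" + b"\x00" * (e_lfanew - 2))
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 224                                        # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic
    table = b""
    for i, (name, vsize, raw) in enumerate(sections):
        table += name.encode("ascii")[:8].ljust(8, b"\x00")
        table += struct.pack("<IIIIIIHHI", vsize, 0x1000 * (i + 1), raw,
                             0x400 + 0x200 * i, 0, 0, 0, 0, 0xE0000020)
    return bytes(dos) + b"PE\x00\x00" + coff + bytes(opt) + table


if __name__ == "__main__":
    packed = build_minimal_pe([("UPX0", 0x10000, 0), ("UPX1", 0x8000, 0x7E00), (".rsrc", 0x1000, 0x200)])
    print(upx_indicators(parse_sections(packed)))
    print(hashes_match_report(packed))  # constructed image, so neither hash matches the report
    for key in [r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
                r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CLSID}",
                r"HKCU\Control Panel\International\Geo\Nation"]:
        print(key, classify_registry_path(key))
```

Run `parse_sections` and `hashes_match_report` on the real file before anything else: a sample pulled from a sharing platform whose hashes do not match the report is a different file, and any behaviour observed afterwards cannot be attributed to this report. The zero-raw-size heuristic is deliberately kept alongside the name check because repacked or "modified UPX" builds commonly rename UPX0/UPX1 but cannot avoid leaving the unpack target section empty on disk.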
MITRE ATT&CK Enterprise v15

Tasks