Overview

overview

8

Static

static

3

1042af3532...18.exe

windows7-x64

8

1042af3532...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    1042af35325a2d4997f77b0a7e2b812f_JaffaCakes118

  • Size

    369KB

  • Sample

    240626-bw1vssyhkm

  • MD5

    1042af35325a2d4997f77b0a7e2b812f

  • SHA1

    b3a515bde876166e4cce21d29d1652d4326c4b08

  • SHA256

    c7b1d0702202ca3d3e3076e02f01ebc884d5b917ae781acf5c9af8e08bda9c7e

  • SHA512

    e1cc6f16ee5063c90b21bad3cc7ef5c782257ee8481c9b2f1512dbf8f9acf0412f8c82943f96910ac7f13d8afa8bd8601c5c02c30f51c64d7c30c1feb9c2df7b

  • SSDEEP

    6144:tp3b4rcdZmb1xe6Ie8XKxHTsi1L6bRYay5FB+6ebba6Xl3V:DbS2mxQXwHKNNy5rV6pV

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      1042af35325a2d4997f77b0a7e2b812f_JaffaCakes118

    • Size

      369KB

    • MD5

      1042af35325a2d4997f77b0a7e2b812f

    • SHA1

      b3a515bde876166e4cce21d29d1652d4326c4b08

    • SHA256

      c7b1d0702202ca3d3e3076e02f01ebc884d5b917ae781acf5c9af8e08bda9c7e

    • SHA512

      e1cc6f16ee5063c90b21bad3cc7ef5c782257ee8481c9b2f1512dbf8f9acf0412f8c82943f96910ac7f13d8afa8bd8601c5c02c30f51c64d7c30c1feb9c2df7b

    • SSDEEP

      6144:tp3b4rcdZmb1xe6Ie8XKxHTsi1L6bRYay5FB+6ebba6Xl3V:DbS2mxQXwHKNNy5rV6pV

    Score
    8/10
    evasionpersistenceupx

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks