General

  • Target

    1558ad9c359fd23d599b6639be6ff279_JaffaCakes118

  • Size

    862KB

  • Sample

    240627-kg9zlavbmj

  • MD5

    1558ad9c359fd23d599b6639be6ff279

  • SHA1

    c63f3d1023f81f31b5afff8b591ab699afc0a1d5

  • SHA256

    3138c8d1f5f2c3d990b025bf68ae35fdc5634184d50b3bbff005d01218011672

  • SHA512

    6a00b57dfaebfe675582e782a9f81319757020030b70f4527ed0aa9d39e2afc59eaebc2661b6be1402c84a2a468fd2f754c2d279eb1ef589292038056d7d19f8

  • SSDEEP

    24576:ydXGdo51lmsw7umJuz7//FsDX9AvvzllsL/Ds:kXualmsw7P6//FsDuHq

Malware Config

Targets

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks