Overview

overview

7

Static

static

7

15632f7f89...18.exe

windows7-x64

7

15632f7f89...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    15632f7f8928e487e975ed2b5aa85bef_JaffaCakes118

  • Size

    861KB

  • Sample

    240627-ks4a7asgqb

  • MD5

    15632f7f8928e487e975ed2b5aa85bef

  • SHA1

    792fb305a0bd85bb3c7b4ce1254ba2d263f4ff96

  • SHA256

    54b61d3f863f404de7909eb2b05f1ea91a50f09d09028222803c6b1ae3f185cd

  • SHA512

    d529e83f4e19cff89dcd98cde0071a9c6b147f38a0bc521809f29a7bd76426392260dc9adf7cf32358d6a25e2bdfd49ab12be5f973c46c130860848f740ac6e1

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjNB:r5sJo6YrFUiyAak11LtjNB

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      15632f7f8928e487e975ed2b5aa85bef_JaffaCakes118

    • Size

      861KB

    • MD5

      15632f7f8928e487e975ed2b5aa85bef

    • SHA1

      792fb305a0bd85bb3c7b4ce1254ba2d263f4ff96

    • SHA256

      54b61d3f863f404de7909eb2b05f1ea91a50f09d09028222803c6b1ae3f185cd

    • SHA512

      d529e83f4e19cff89dcd98cde0071a9c6b147f38a0bc521809f29a7bd76426392260dc9adf7cf32358d6a25e2bdfd49ab12be5f973c46c130860848f740ac6e1

    • SSDEEP

      12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjNB:r5sJo6YrFUiyAak11LtjNB

    Score
    7/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks