Overview

overview

7

Static

static

3

175e0c992c...18.exe

windows7-x64

7

175e0c992c...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    175e0c992c5f16181773946803ce6624_JaffaCakes118

  • Size

    116KB

  • Sample

    240627-yycx3s1apn

  • MD5

    175e0c992c5f16181773946803ce6624

  • SHA1

    e742a17932106109f3044b7b69777f3803d1fb4f

  • SHA256

    c7dc414effdb429d1457515940fa3a2bfc80ce3164552bd1f8accebd446bb3ab

  • SHA512

    57bb4f82dbc6f3ef35aadd1d09bdbce281c5f6cba70554c66bb21d24c4054f043784e7787064c6de62e9f3ac7af210ed4632d9e76a0279d0ced77416197080f0

  • SSDEEP

    1536:sTXsDOMfOpK7fdHSFVo/sK7bpEVFTXlTVgkGmRoAjR3kMbRGSQXPXspp:sTcS9K7fdHDsK7VE7l6kGmRoe3kBLP

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      175e0c992c5f16181773946803ce6624_JaffaCakes118

    • Size

      116KB

    • MD5

      175e0c992c5f16181773946803ce6624

    • SHA1

      e742a17932106109f3044b7b69777f3803d1fb4f

    • SHA256

      c7dc414effdb429d1457515940fa3a2bfc80ce3164552bd1f8accebd446bb3ab

    • SHA512

      57bb4f82dbc6f3ef35aadd1d09bdbce281c5f6cba70554c66bb21d24c4054f043784e7787064c6de62e9f3ac7af210ed4632d9e76a0279d0ced77416197080f0

    • SSDEEP

      1536:sTXsDOMfOpK7fdHSFVo/sK7bpEVFTXlTVgkGmRoAjR3kMbRGSQXPXspp:sTcS9K7fdHDsK7VE7l6kGmRoe3kBLP

    Score
    7/10
    persistencespywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks