Overview

overview

8

Static

static

7

19007cf9bd...18.exe

windows7-x64

8

19007cf9bd...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    19007cf9bdbfc864c540d51753a1e164_JaffaCakes118

  • Size

    51KB

  • Sample

    240628-gf3mcawhpr

  • MD5

    19007cf9bdbfc864c540d51753a1e164

  • SHA1

    9f3dcf497ddb911997b64df8d78a177873509404

  • SHA256

    53a843f4944aa0791062b3bee2f61bf1aa83632440357ea4cf87bbba6c3d494f

  • SHA512

    b7fa8c15b9523a234898acfa95a1e060bb40824fbc79bfe8d5f3ca12351dc2feab219ac7b883c7a74f6b22568636d2d632b3e2e3c74943d50b4899df3c43dffe

  • SSDEEP

    1536:Ojo5gjkPOWvJ+EsLkDqvOmrdbYhQb2eNwH:dgMOOcMqvvbYhXGwH

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      19007cf9bdbfc864c540d51753a1e164_JaffaCakes118

    • Size

      51KB

    • MD5

      19007cf9bdbfc864c540d51753a1e164

    • SHA1

      9f3dcf497ddb911997b64df8d78a177873509404

    • SHA256

      53a843f4944aa0791062b3bee2f61bf1aa83632440357ea4cf87bbba6c3d494f

    • SHA512

      b7fa8c15b9523a234898acfa95a1e060bb40824fbc79bfe8d5f3ca12351dc2feab219ac7b883c7a74f6b22568636d2d632b3e2e3c74943d50b4899df3c43dffe

    • SSDEEP

      1536:Ojo5gjkPOWvJ+EsLkDqvOmrdbYhQb2eNwH:dgMOOcMqvvbYhXGwH

    Score
    8/10
    persistenceupx

    • Drops file in Drivers directory

    • Sets service image path in registry

      persistence

    • Deletes itself

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks