Overview

overview

9

Static

static

3

28716d8b39...18.exe

windows7-x64

9

28716d8b39...18.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    28716d8b39ab72c04e160c0ceae5b962_JaffaCakes118

  • Size

    736KB

  • Sample

    240706-rjd39szfjr

  • MD5

    28716d8b39ab72c04e160c0ceae5b962

  • SHA1

    7d61e80a3c9e5d46cf5667ce7de9b28cecbcee06

  • SHA256

    73ac6d723c74a7aa9e6b7727317025a316be470dadb978cba66eb0457b94b513

  • SHA512

    d0f0f2435498b7443f09356377dfd03eaad0c4472752c86783351a27c9933ab6440ee837031fe468b3fdf8e9100d4b99f8287ffce22068eb6dca430f3d88a0b8

  • SSDEEP

    12288:0z9/32XvY6CD6zzXGytE0/OJKG+UlIKfJuUKo1nWjhStiSbUccDJIwsromC:Y9vesuzzXGyO0/OJKiICuUKtYcwUccHp

Score
9/10
collectionspywarestealerupx

Malware Config

Targets

    • Target

      28716d8b39ab72c04e160c0ceae5b962_JaffaCakes118

    • Size

      736KB

    • MD5

      28716d8b39ab72c04e160c0ceae5b962

    • SHA1

      7d61e80a3c9e5d46cf5667ce7de9b28cecbcee06

    • SHA256

      73ac6d723c74a7aa9e6b7727317025a316be470dadb978cba66eb0457b94b513

    • SHA512

      d0f0f2435498b7443f09356377dfd03eaad0c4472752c86783351a27c9933ab6440ee837031fe468b3fdf8e9100d4b99f8287ffce22068eb6dca430f3d88a0b8

    • SSDEEP

      12288:0z9/32XvY6CD6zzXGytE0/OJKG+UlIKfJuUKo1nWjhStiSbUccDJIwsromC:Y9vesuzzXGyO0/OJKiICuUKtYcwUccHp

    Score
    9/10
    collectionspywarestealerupx

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks