General

  • Target

    2e5e2bfc20b172c6b7462080454aee5a_JaffaCakes118

  • Size

    328KB

  • Sample

    240709-aq69ysyhkd

  • MD5

    2e5e2bfc20b172c6b7462080454aee5a

  • SHA1

    b1fd747f7e52438a904e149359e559fcb3abf13e

  • SHA256

    46fce451ad09ee2a2feeccdcb94723b88f0c0e9fccc91dd9e4081afa55ce1cb8

  • SHA512

    18b35401b0cf684861f58f966867904fb5812117092e94102882b051de12a29c87654b17671bd3c57e3fab7f4945185395754fd071937a6933c39ababab9f732

  • SSDEEP

    6144:8lZ/zUMu4pDSxsCMRzf7x3SfS1JAzXBtL76l3FNTig:8HLUMuiv9RgfSjAzRtyvmg

Malware Config

Targets

    • Disables Task Manager via registry modification

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks