Overview

overview

10

Static

static

7

Intimacao-...al.exe

windows7-x64

10

Intimacao-...al.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3466fe0d380c414cd68ba42989c1cf9b_JaffaCakes118

  • Size

    16KB

  • Sample

    240710-mtzeqsvgpc

  • MD5

    3466fe0d380c414cd68ba42989c1cf9b

  • SHA1

    6908eb92e15f9104db037d1a523619e77f28ef02

  • SHA256

    6a2b3554d5ad78b3996185ba4a3121d0b1de296a5862919dd64fbcd31aeb5670

  • SHA512

    108fc2658fc1509e23238bdca62a6bacf7fe79eeda206a27b3b3168c37e9a189231ad48ec21b1f5ac6a660f9033ea8505eccd03b535ad92543a5023abce296aa

  • SSDEEP

    384:pCenaq1GKhnR7jCNs4CGMKJULsJWQK9OTWPpr:monR7SsGMKhJ7OLPpr

Score
10/10
adwareevasionstealertrojanupx

Malware Config

Targets

    • Target

      Intimacao-Criminal.exe

    • Size

      31KB

    • MD5

      8c99f991f15d7767fd1b1a0d7c1589d1

    • SHA1

      32582ff318a1b0a5102eaa1816378899d8292129

    • SHA256

      28b4ac28e2a097555768b48dc053eefcb76f65026eda0ff3b9ba3b875527fcc6

    • SHA512

      9ca32a1806116eb613c2376732e880a18af80cf119fcc09ce008a08ea8b3017a3624b300f65e3e1fb33453ee8c8366e84bf18064e839f40c2d79c0774b34f5a0

    • SSDEEP

      384:ZLcFXZYvj5XFI+rwMvTPQGJdr/Qpo2NNcwl+vzHEU/DT:hcFpYvjHImwMvkGu1NNcwwvzEMD

    Score
    10/10
    adwareevasionstealertrojanupx

    • UAC bypass

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks