Overview

overview

8

Static

static

7

353baf6bd3...18.exe

windows7-x64

8

353baf6bd3...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    353baf6bd3340474319176076b9b1698_JaffaCakes118

  • Size

    122KB

  • Sample

    240710-sgrr1svbmk

  • MD5

    353baf6bd3340474319176076b9b1698

  • SHA1

    f976e76547d03230fb691f0e016860384bd727fc

  • SHA256

    44b60534c60a12e8190d135b4484dde425a8b11730d7e3eafd153dbf94020ee1

  • SHA512

    e78ea480f4bd0410f8d8159de44b04ce922ba7083fb133cbbd4c7990bca6ced5fe615351952b19093a2775feeb5477cd60637b033673a56644bf922d12c6fd1c

  • SSDEEP

    3072:AoQVT+/RSEusl44dro6keTzfoxwaazEv9pUIjJ4dkpzm7NkmZoutv:wsr44Jo6ke/rzgQIjVpGZoS

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      353baf6bd3340474319176076b9b1698_JaffaCakes118

    • Size

      122KB

    • MD5

      353baf6bd3340474319176076b9b1698

    • SHA1

      f976e76547d03230fb691f0e016860384bd727fc

    • SHA256

      44b60534c60a12e8190d135b4484dde425a8b11730d7e3eafd153dbf94020ee1

    • SHA512

      e78ea480f4bd0410f8d8159de44b04ce922ba7083fb133cbbd4c7990bca6ced5fe615351952b19093a2775feeb5477cd60637b033673a56644bf922d12c6fd1c

    • SSDEEP

      3072:AoQVT+/RSEusl44dro6keTzfoxwaazEv9pUIjJ4dkpzm7NkmZoutv:wsr44Jo6ke/rzgQIjVpGZoS

    Score
    8/10
    discoverypersistenceupx

    • Drops file in Drivers directory

    • Sets service image path in registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks