Overview

overview

7

Static

static

7

43df290625...18.exe

windows7-x64

7

43df290625...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    43df2906257f773fbfc6dc3605b2d352_JaffaCakes118

  • Size

    535KB

  • Sample

    240714-cj5hwsverf

  • MD5

    43df2906257f773fbfc6dc3605b2d352

  • SHA1

    9456fdbd2b983dc655906352a3aec6a95ce93da6

  • SHA256

    c637ba1210842ce792b6b92fbb510237200ec4f808770cccc8c321efd09756c3

  • SHA512

    aaff0db21ed9e321855e9c50d531839ac24e1a25b066e15fb28b4dc507c98791807d39c6cba1ed51795e25698c17d7318081535216186d634c98afd6a5aae61f

  • SSDEEP

    12288:VHn7ibFPs2T9gXF0KnFfSduf4M91chZmCGaY2Ed:Vbi+2TeXGldufp919MY2E

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      43df2906257f773fbfc6dc3605b2d352_JaffaCakes118

    • Size

      535KB

    • MD5

      43df2906257f773fbfc6dc3605b2d352

    • SHA1

      9456fdbd2b983dc655906352a3aec6a95ce93da6

    • SHA256

      c637ba1210842ce792b6b92fbb510237200ec4f808770cccc8c321efd09756c3

    • SHA512

      aaff0db21ed9e321855e9c50d531839ac24e1a25b066e15fb28b4dc507c98791807d39c6cba1ed51795e25698c17d7318081535216186d634c98afd6a5aae61f

    • SSDEEP

      12288:VHn7ibFPs2T9gXF0KnFfSduf4M91chZmCGaY2Ed:Vbi+2TeXGldufp919MY2E

    Score
    7/10
    persistencespywarestealerupx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks