Overview

overview

8

Static

static

7

4be61699e3...18.exe

windows7-x64

8

4be61699e3...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4be61699e3031c17b5615a2c05f48251_JaffaCakes118

  • Size

    736KB

  • Sample

    240715-3mckdsxenf

  • MD5

    4be61699e3031c17b5615a2c05f48251

  • SHA1

    f1db919ff714ace77c1161b60c4b73dfcc4aac4d

  • SHA256

    14b6afa3f0cff00b62f327f801244ffff58bbda11eba50f3c63ba3bbec03445b

  • SHA512

    308e042b74a834c63a0f76e4020354fe3dbaeb890e45f7c6d1507a4d21ccd8d808ac480106cd137887e1037e03307dda9bb0d43815fda33e7804ef4e7f7549db

  • SSDEEP

    12288:n0M8Yn/Q3NS9moJdn4NMl9Zj0irqmZrfUSP0uG0xlaHiw9WVtuAWQtP2IJB:n0qnYZY4M9B0u7kyxMidVt2IJ

Score
8/10
adwareevasionpersistenceprivilege_escalationstealerupx

Malware Config

Targets

    • Target

      4be61699e3031c17b5615a2c05f48251_JaffaCakes118

    • Size

      736KB

    • MD5

      4be61699e3031c17b5615a2c05f48251

    • SHA1

      f1db919ff714ace77c1161b60c4b73dfcc4aac4d

    • SHA256

      14b6afa3f0cff00b62f327f801244ffff58bbda11eba50f3c63ba3bbec03445b

    • SHA512

      308e042b74a834c63a0f76e4020354fe3dbaeb890e45f7c6d1507a4d21ccd8d808ac480106cd137887e1037e03307dda9bb0d43815fda33e7804ef4e7f7549db

    • SSDEEP

      12288:n0M8Yn/Q3NS9moJdn4NMl9Zj0irqmZrfUSP0uG0xlaHiw9WVtuAWQtP2IJB:n0qnYZY4M9B0u7kyxMidVt2IJ

    Score
    8/10
    adwareevasionpersistenceprivilege_escalationstealerupx

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks