General

  • Target

    59def54400855957abf2516049d41010_JaffaCakes118

  • Size

    63KB

  • Sample

    240719-bm3m2awcjl

  • MD5

    59def54400855957abf2516049d41010

  • SHA1

    2c8389318df526dab0e98a9d7fdf11fc74310a38

  • SHA256

    5f923280a785a685993101788b40c9222c09e9a4c5f63744b2042e1c7f2266c9

  • SHA512

    fdadc1fcf3992e8172818e380d110406c8e692e86cfad564d6e05b0509c3a42c3e2a4e85c54598a3c54634aeea831e777139f3397372884020d71d0fef26ee54

  • SSDEEP

    384:JwdJ27fh9rpbADHXqoJ6jFMWHZf7tJ5mij6olHF1iCOs/WPNQAn:JA2D1sbqoJ6jWWH9vZ6VRKWPNHn

Malware Config

Targets

    • Modifies firewall policy service

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks