Overview

overview

7

Static

static

3

5e6b601a40...18.exe

windows7-x64

7

5e6b601a40...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e6b601a400bfda4995a37db0def7f95_JaffaCakes118

  • Size

    218KB

  • Sample

    240720-bces8asfme

  • MD5

    5e6b601a400bfda4995a37db0def7f95

  • SHA1

    507692999fe08123e65e98be21729168ea8df134

  • SHA256

    951ba0f330f0efae1d7fbdc71a4d4fc9ca69b60bac9493e7c8e6f0d74dc31d5d

  • SHA512

    1bb0f8a9c22aa058512d2f9e87d48b3e4a76d2748d974d12758dd9c0042c37a61fca0c48b0253428df9dbf1fdf70968cd9ead423f8e43488ca61ad226046b693

  • SSDEEP

    3072:PQPSddCb+h2Yy/xHcQavxgtW9cKy/FbyGbuCqFhFjqxccT+ZqRBQ2ZTPklN:PQPN+h2HKT9fyuCqFhgxn+YQ2sN

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      5e6b601a400bfda4995a37db0def7f95_JaffaCakes118

    • Size

      218KB

    • MD5

      5e6b601a400bfda4995a37db0def7f95

    • SHA1

      507692999fe08123e65e98be21729168ea8df134

    • SHA256

      951ba0f330f0efae1d7fbdc71a4d4fc9ca69b60bac9493e7c8e6f0d74dc31d5d

    • SHA512

      1bb0f8a9c22aa058512d2f9e87d48b3e4a76d2748d974d12758dd9c0042c37a61fca0c48b0253428df9dbf1fdf70968cd9ead423f8e43488ca61ad226046b693

    • SSDEEP

      3072:PQPSddCb+h2Yy/xHcQavxgtW9cKy/FbyGbuCqFhFjqxccT+ZqRBQ2ZTPklN:PQPN+h2HKT9fyuCqFhgxn+YQ2sN

    Score
    7/10
    persistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks