General

  • Target

    6544d5f7bcf7e44cb4e5f1aa6a26f3ed_JaffaCakes118

  • Size

    814KB

  • Sample

    240722-3mrdjswajq

  • MD5

    6544d5f7bcf7e44cb4e5f1aa6a26f3ed

  • SHA1

    ddcc56065de3a8cd16b3d5b9cde1bcd4a2ad6c08

  • SHA256

    87df69f4bcc8d7215d49fb54697b2933a26396fcf1449113f3032e072b693d16

  • SHA512

    cd337bc00c086ae4f2254a74f8d588e281479e94cf34e98ff214784bcc8180691cf0d20ae5f399d657e6d2e05c955436dddd2530288109cf1af8db20edae3db7

  • SSDEEP

    24576:9k7b1fIJGyCXjUKJPVOGMejcFdk49nWCdl:SB4W/5Vvcz/9WE

Targets

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
