Overview

overview

10

Static

static

7

647284f11d...18.exe

windows7-x64

10

647284f11d...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    647284f11daf994825b6533734d8ff61_JaffaCakes118

  • Size

    17KB

  • Sample

    240722-xxe6datbkh

  • MD5

    647284f11daf994825b6533734d8ff61

  • SHA1

    b89a79924c040a4997de90c44fde264eca7c5288

  • SHA256

    d0e4c23bfbc02a02cb168da1c00b14e792ba2c1dfdc194b9638addd2aef17c89

  • SHA512

    63d4d9a75f070c69bbd97cbefff03b240d95ac25b2d63cdc30e62bc731ea851239d681d885e99dfcf340ec932c00ef676b6d3332537fab572539674632d2aba2

  • SSDEEP

    384:7+YRUp6nfwwfO07twGTngwbdbZrgqqBGJLMRQPXAPPoL57IbuMN:XK58trTnDliGJARQPQPwLpICMN

Score
10/10
evasionexecutionspywarestealerupx

Malware Config

Targets

    • Target

      647284f11daf994825b6533734d8ff61_JaffaCakes118

    • Size

      17KB

    • MD5

      647284f11daf994825b6533734d8ff61

    • SHA1

      b89a79924c040a4997de90c44fde264eca7c5288

    • SHA256

      d0e4c23bfbc02a02cb168da1c00b14e792ba2c1dfdc194b9638addd2aef17c89

    • SHA512

      63d4d9a75f070c69bbd97cbefff03b240d95ac25b2d63cdc30e62bc731ea851239d681d885e99dfcf340ec932c00ef676b6d3332537fab572539674632d2aba2

    • SSDEEP

      384:7+YRUp6nfwwfO07twGTngwbdbZrgqqBGJLMRQPXAPPoL57IbuMN:XK58trTnDliGJARQPQPwLpICMN

    Score
    10/10
    evasionexecutionspywarestealerupx

    • Disables service(s)

      evasionexecution

    • Stops running service(s)

      evasionexecution

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks