Overview

overview

10

Static

static

7

717249c759...18.exe

windows7-x64

10

717249c759...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    717249c759b5d75419246371f9c4c094_JaffaCakes118

  • Size

    32KB

  • Sample

    240725-15zfrs1ejh

  • MD5

    717249c759b5d75419246371f9c4c094

  • SHA1

    1ea3037e1af1cbdb8be8893b01f572ea6558d27b

  • SHA256

    c380ca9e6b302c11cc1e23f92aadb985ecd0ca0eab356f41d8745b95e41fe841

  • SHA512

    29cdbf43889f288bafd7b9008304996fecb018bfc326997a7575887f37f423944dbc2b7e643cb37371774297dfd99feff9eca6357a0f9b28a915a7f631184e90

  • SSDEEP

    768:99PpmRFCRxWFfw6ww2W8QIF6T6sfxTJl3QPlyMAGeAPRq:jPWCRxWF/ww2WgF6T5pJxQPlRTeAPRq

Score
10/10
discoveryevasionexecutionspywarestealerupx

Malware Config

Targets

    • Target

      717249c759b5d75419246371f9c4c094_JaffaCakes118

    • Size

      32KB

    • MD5

      717249c759b5d75419246371f9c4c094

    • SHA1

      1ea3037e1af1cbdb8be8893b01f572ea6558d27b

    • SHA256

      c380ca9e6b302c11cc1e23f92aadb985ecd0ca0eab356f41d8745b95e41fe841

    • SHA512

      29cdbf43889f288bafd7b9008304996fecb018bfc326997a7575887f37f423944dbc2b7e643cb37371774297dfd99feff9eca6357a0f9b28a915a7f631184e90

    • SSDEEP

      768:99PpmRFCRxWFfw6ww2W8QIF6T6sfxTJl3QPlyMAGeAPRq:jPWCRxWF/ww2WgF6T5pJxQPlRTeAPRq

    Score
    10/10
    discoveryevasionexecutionspywarestealerupx

    • Disables service(s)

      evasionexecution

    • Stops running service(s)

      evasionexecution

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks