Overview

overview

7

Static

static

7

6fae3c9c83...18.exe

windows7-x64

7

6fae3c9c83...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    6fae3c9c833f77360acdb4493e80d126_JaffaCakes118

  • Size

    179KB

  • Sample

    240725-p9gwqszdrj

  • MD5

    6fae3c9c833f77360acdb4493e80d126

  • SHA1

    cc304ae6d616cf34f5099059e7e84465b6243fce

  • SHA256

    3f0007bc6c6fda12330075cdb4c83c819ad71e1a9173483a2d0762fbdd400afd

  • SHA512

    afd49af4e03a696b818c031d4f393ff55b108ca6c74c017a5b92ae91f7130a50ef8218abe89fe37f8e5fbeffb0309ed886e0970082508d6a784b671e0214a2e2

  • SSDEEP

    3072:iGHjfXCamuMkZqL5Ha9oShQ/n5cJhbtg7hFHWnTVxZOvTeSCSSL7t:n/7muMoqLxMthO2hu7H6TVKbRCS

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      6fae3c9c833f77360acdb4493e80d126_JaffaCakes118

    • Size

      179KB

    • MD5

      6fae3c9c833f77360acdb4493e80d126

    • SHA1

      cc304ae6d616cf34f5099059e7e84465b6243fce

    • SHA256

      3f0007bc6c6fda12330075cdb4c83c819ad71e1a9173483a2d0762fbdd400afd

    • SHA512

      afd49af4e03a696b818c031d4f393ff55b108ca6c74c017a5b92ae91f7130a50ef8218abe89fe37f8e5fbeffb0309ed886e0970082508d6a784b671e0214a2e2

    • SSDEEP

      3072:iGHjfXCamuMkZqL5Ha9oShQ/n5cJhbtg7hFHWnTVxZOvTeSCSSL7t:n/7muMoqLxMthO2hu7H6TVKbRCS

    Score
    7/10
    discoverypersistenceupx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks