Overview

overview

7

Static

static

3

70b772a75b...18.exe

windows7-x64

7

70b772a75b...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    70b772a75bbcad407131444efb15d5c9_JaffaCakes118

  • Size

    336KB

  • Sample

    240725-wy6t2swepr

  • MD5

    70b772a75bbcad407131444efb15d5c9

  • SHA1

    c0964ffe345bc562d3c05a23802f0579ee777196

  • SHA256

    793957c4a418bc13c3def9d250e8d449b0190c7043437a8e2d318688c3b322e4

  • SHA512

    6f410dcc5f9a1448479823acb525fdfc65b5e8d7769602c5f298054f2d8d190fd801e9faede2d52e4678ddd4f9da0603e555055e4754350e4b7afec26f029be1

  • SSDEEP

    6144:OUsPYNU97D4SMUQMI4TdK0DcE157Dylc30eAz71L/rpI+M:OTPY2CUQMdbIE1lylc3bAtO+M

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      70b772a75bbcad407131444efb15d5c9_JaffaCakes118

    • Size

      336KB

    • MD5

      70b772a75bbcad407131444efb15d5c9

    • SHA1

      c0964ffe345bc562d3c05a23802f0579ee777196

    • SHA256

      793957c4a418bc13c3def9d250e8d449b0190c7043437a8e2d318688c3b322e4

    • SHA512

      6f410dcc5f9a1448479823acb525fdfc65b5e8d7769602c5f298054f2d8d190fd801e9faede2d52e4678ddd4f9da0603e555055e4754350e4b7afec26f029be1

    • SSDEEP

      6144:OUsPYNU97D4SMUQMI4TdK0DcE157Dylc30eAz71L/rpI+M:OTPY2CUQMdbIE1lylc3bAtO+M

    Score
    7/10
    discoverypersistenceupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks