Overview

overview

8

Static

static

3

7122073218...18.exe

windows7-x64

3

7122073218...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7122073218f56e6d79eb7abda9f8d057_JaffaCakes118

  • Size

    56KB

  • Sample

    240725-zb9tzashnj

  • MD5

    7122073218f56e6d79eb7abda9f8d057

  • SHA1

    10f48bb04ba7c1d890c226423153fe7e6a698ede

  • SHA256

    60f7e8d00e72a6ae25900b94d721be8b0afd3fb43dfd9b7c9c216f1b6e5329c0

  • SHA512

    1e88314364bb0287d3f7c5d7f31b494b7884fa3e79eb26c3ead3cab91e8c742fdfcebb0cfc120939c1162db16f9078a624bbf774538a891a6f257228c722589a

  • SSDEEP

    1536:Zz6x1D07/SqU1QN01Nf/+ZJ/P7O6WO2FMLizYsp0EpcTO6:Zg/+Z179IArsPD6

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      7122073218f56e6d79eb7abda9f8d057_JaffaCakes118

    • Size

      56KB

    • MD5

      7122073218f56e6d79eb7abda9f8d057

    • SHA1

      10f48bb04ba7c1d890c226423153fe7e6a698ede

    • SHA256

      60f7e8d00e72a6ae25900b94d721be8b0afd3fb43dfd9b7c9c216f1b6e5329c0

    • SHA512

      1e88314364bb0287d3f7c5d7f31b494b7884fa3e79eb26c3ead3cab91e8c742fdfcebb0cfc120939c1162db16f9078a624bbf774538a891a6f257228c722589a

    • SSDEEP

      1536:Zz6x1D07/SqU1QN01Nf/+ZJ/P7O6WO2FMLizYsp0EpcTO6:Zg/+Z179IArsPD6

    Score
    8/10
    discoverypersistenceupx

    • Blocklisted process makes network request

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks