Overview

overview

10

Static

static

3

72cd02bb45...18.exe

windows7-x64

10

72cd02bb45...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    72cd02bb45db99bae9063452b21e63eb_JaffaCakes118

  • Size

    181KB

  • Sample

    240726-gf6c8szcjj

  • MD5

    72cd02bb45db99bae9063452b21e63eb

  • SHA1

    24cd3ec87575f8101575cfc923684d965052ba54

  • SHA256

    3327c35858eb8156575e04e0ba5269d68b92988fea6fe99250fdb94da3bb6c62

  • SHA512

    3dc498125a10adb76d5d3740626a63f296848d7d30c3d267afd816c83a85e9f8d858399e74ae032cb5921eab093f94ecd6bdc4f2d24701c39a4660195f9b4a18

  • SSDEEP

    3072:qbOgPj2rMhkyOJvuD57lHUnzmo9+6Mb3Aj7FRpUFfjGzH3uNsgX1R/6Hu:2HmMrOJvuF4moq8ZqjGrGvFR/Qu

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      72cd02bb45db99bae9063452b21e63eb_JaffaCakes118

    • Size

      181KB

    • MD5

      72cd02bb45db99bae9063452b21e63eb

    • SHA1

      24cd3ec87575f8101575cfc923684d965052ba54

    • SHA256

      3327c35858eb8156575e04e0ba5269d68b92988fea6fe99250fdb94da3bb6c62

    • SHA512

      3dc498125a10adb76d5d3740626a63f296848d7d30c3d267afd816c83a85e9f8d858399e74ae032cb5921eab093f94ecd6bdc4f2d24701c39a4660195f9b4a18

    • SSDEEP

      3072:qbOgPj2rMhkyOJvuD57lHUnzmo9+6Mb3Aj7FRpUFfjGzH3uNsgX1R/6Hu:2HmMrOJvuF4moq8ZqjGrGvFR/Qu

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks