Overview

overview

10

Static

static

3

731d524bc7...18.exe

windows7-x64

10

731d524bc7...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    731d524bc7cc2fe9b775449da218c8f4_JaffaCakes118

  • Size

    162KB

  • Sample

    240726-jbfywstgpl

  • MD5

    731d524bc7cc2fe9b775449da218c8f4

  • SHA1

    87abe3b2ab9a46625d7411ed987d23236c246e6d

  • SHA256

    5546cf64ad2aa5ffb44cff29fb434ffd7e84da4a4f63d50bf4a153fc67572f95

  • SHA512

    8305186eb98804cec528aa3036b4240452674737e3f268c20503be2214ba3f2735f0c78ebce4869fbbdb3c793d8ddc37029c038df7cbf6a09fc20fd3709387e5

  • SSDEEP

    3072:g0FfxDxyaikGcpdqQnUmnVqFjl/ZA2FwGkzB2xlrl/fVlJ4jo52vflxAu9aStrjP:/Dxz58FhZAS+zWr5ftl5IlxAu9teX

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      731d524bc7cc2fe9b775449da218c8f4_JaffaCakes118

    • Size

      162KB

    • MD5

      731d524bc7cc2fe9b775449da218c8f4

    • SHA1

      87abe3b2ab9a46625d7411ed987d23236c246e6d

    • SHA256

      5546cf64ad2aa5ffb44cff29fb434ffd7e84da4a4f63d50bf4a153fc67572f95

    • SHA512

      8305186eb98804cec528aa3036b4240452674737e3f268c20503be2214ba3f2735f0c78ebce4869fbbdb3c793d8ddc37029c038df7cbf6a09fc20fd3709387e5

    • SSDEEP

      3072:g0FfxDxyaikGcpdqQnUmnVqFjl/ZA2FwGkzB2xlrl/fVlJ4jo52vflxAu9aStrjP:/Dxz58FhZAS+zWr5ftl5IlxAu9teX

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks