General

  • Target

    8609393373af63e6a6e230839ea95480_JaffaCakes118

  • Size

    117KB

  • Sample

    240810-pkc69aygjp

  • MD5

    8609393373af63e6a6e230839ea95480

  • SHA1

    cf15c3a177b9499232b6a301aaed9b7a636f32c7

  • SHA256

    0e5dfd156e579478d7d391540c13313becad75780c212e3ea9fa09a8a8b5f5d7

  • SHA512

    91392adb3be8c0342d8a7feb4a8814970410094d0b6e8c43f0a4e95a4346a172ae91a21a301bc3a65f18ad66b266c492707511db86efc8fcc0d5c1d2e1e11e66

  • SSDEEP

    3072:mXobMMnDiwBQu0v89KoTFk++G0/adN3adcK:TpQJ89i++tadZ+

Score
8/10

Malware Config

Targets

    • Target

      8609393373af63e6a6e230839ea95480_JaffaCakes118

    Score
    8/10
    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Generic signature description: attackers can modify the exports of DLLs involved in signature validation so that an untrusted binary appears validly signed. Treat any Authenticode result obtained on the infected host as unreliable and re-verify the file's signature from a clean system.

    • Deletes itself

    • UPX packed file

      Detects executables packed with the open-source UPX packer or with a modified UPX variant. A modified stub usually makes `upx -d` fail, in which case the sample has to be unpacked dynamically (run under a debugger or sandbox and dumped at the original entry point).

    • Drops file in System32 directory
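
Before working from this report, confirm that a local copy really is the file described here and check the packing claim statically. The script below is an added example, not code from the sandbox or from the report: it recomputes the four digests listed above, compares them to the report, and applies a section-name heuristic for UPX (stock UPX writes `UPX0`/`UPX1` sections and a `UPX!` stub marker). The heuristic is an assumption about how UPX is typically detected, not the sandbox's actual rule, and the PE image it builds for testing is constructed (headers only, no code).

```python
import hashlib
import struct

# Hashes as listed in the report above; comparing a local copy of the sample
# against them confirms you are analysing the same file.
REPORT_HASHES = {
    "md5": "8609393373af63e6a6e230839ea95480",
    "sha1": "cf15c3a177b9499232b6a301aaed9b7a636f32c7",
    "sha256": "0e5dfd156e579478d7d391540c13313becad75780c212e3ea9fa09a8a8b5f5d7",
    "sha512": "91392adb3be8c0342d8a7feb4a8814970410094d0b6e8c43f0a4e95a4346a172"
              "ae91a21a301bc3a65f18ad66b266c492707511db86efc8fcc0d5c1d2e1e11e66",
}

# Section names written by stock UPX; a modified UPX build may rename them,
# so a miss here does not prove the file is unpacked (assumed heuristic).
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def file_hashes(data: bytes) -> dict:
    """Compute the four digests the report lists for an in-memory file."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes, report: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison against the report; all must be True for a match."""
    actual = file_hashes(data)
    return {name: actual[name] == digest.lower() for name, digest in report.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE headers and return section names in table order; [] if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                       # IMAGE_FILE_HEADER
    if len(data) < coff + 20:
        return []                             # truncated COFF header
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt              # IMAGE_SECTION_HEADER array
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]
        if len(raw) < 8:
            break                             # truncated section table
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """True if a stock UPX section name or the 'UPX!' stub marker is present."""
    return bool(UPX_SECTION_NAMES & set(pe_section_names(data))) or b"UPX!" in data


def build_sample_pe(section_names) -> bytes:
    """Constructed minimal PE32 image (headers only) used as offline test input."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    size_opt = 0xE0                                            # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, size_opt, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (size_opt - 2)    # Magic = PE32
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt + sections


if __name__ == "__main__":
    packed = build_sample_pe(["UPX0", "UPX1", ".rsrc"])
    print("sections:", pe_section_names(packed))
    print("UPX packed:", looks_upx_packed(packed))
    print("matches report:", matches_report(packed))
```

To run it against the real sample, pass `open(path, "rb").read()` to `matches_report` and `looks_upx_packed`; only a file for which every entry of `matches_report` is True is the one this report describes.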

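The behavioural signatures listed above (Drops file in Drivers directory, Drops file in System32 directory, Deletes itself) map onto simple rules over sandbox events. The following is an added example, not the sandbox's own signature logic: the event format (one `<event_type> <process_image> <argument>` line per event) and the events themselves are constructed for the demonstration, and the self-delete rule encodes the common `cmd.exe /c ... & del <own path>` pattern as an assumption rather than what this sample was observed to do.

```python
import ntpath
import re

# Constructed sandbox-style events for illustration; not events from the report.
# Assumed format: "<event_type> <process_image> <argument>" (image paths without spaces).
SAMPLE_EVENTS = """\
file_write C:\\Users\\Public\\sample.exe C:\\Windows\\System32\\drivers\\example.sys
file_write C:\\Users\\Public\\sample.exe C:\\Windows\\System32\\example.dll
file_write C:\\Users\\Public\\sample.exe C:\\Users\\Public\\notes.txt
process_create C:\\Users\\Public\\sample.exe cmd.exe /c ping 127.0.0.1 -n 3 & del "C:\\Users\\Public\\sample.exe"
"""

SYSTEM32 = "c:\\windows\\system32\\"
DRIVERS = SYSTEM32 + "drivers\\"


def parse_events(text: str) -> list:
    """Parse the assumed line format into event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        kind, image, arg = line.split(" ", 2)
        events.append({"type": kind, "image": image, "arg": arg})
    return events


def under(path: str, prefix: str) -> bool:
    """Case-insensitive prefix test on normalised Windows paths."""
    return ntpath.normcase(path).startswith(ntpath.normcase(prefix))


def drops_in_drivers(e: dict) -> bool:
    return e["type"] == "file_write" and under(e["arg"], DRIVERS)


def drops_in_system32(e: dict) -> bool:
    # Includes the drivers subdirectory, so a driver drop fires both rules.
    return e["type"] == "file_write" and under(e["arg"], SYSTEM32)


def deletes_itself(e: dict) -> bool:
    """A child process runs 'del' with the parent's own image path as an argument."""
    return (e["type"] == "process_create"
            and re.search(r"\bdel\b", e["arg"], re.IGNORECASE) is not None
            and e["image"].lower() in e["arg"].lower())


RULES = {
    "Drops file in Drivers directory": drops_in_drivers,
    "Drops file in System32 directory": drops_in_system32,
    "Deletes itself": deletes_itself,
}


def evaluate(events: list) -> dict:
    """Map each signature name to the events that triggered it."""
    return {name: [e for e in events if rule(e)] for name, rule in RULES.items()}


if __name__ == "__main__":
    for name, hits in evaluate(parse_events(SAMPLE_EVENTS)).items():
        print(f"{name}: {len(hits)} hit(s)")
        for e in hits:
            print("   ", e["type"], e["arg"])
```

The rules are deliberately path-based: a write under `System32\drivers` is a strong indicator on its own because a user-mode sample has no legitimate reason to stage files there, and the self-delete rule keys on the parent's own image path rather than on `del` alone to avoid flagging ordinary cleanup commands.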
MITRE ATT&CK Enterprise v15

Tasks