Overview

overview

7

Static

static

7

8c501fac0d...18.exe

windows7-x64

7

8c501fac0d...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8c501fac0d7b30307d36a6ec52cedc41_JaffaCakes118

  • Size

    168KB

  • Sample

    240811-2wmw2sshll

  • MD5

    8c501fac0d7b30307d36a6ec52cedc41

  • SHA1

    076db7f2bb76c321630ea0716b0c251c8411fb5f

  • SHA256

    8feaa82a64ccd8ddf24db1e4bfa9ec384d594239c2c515c4cb1b887a4bb2b74f

  • SHA512

    9ed35e562c204a79d66d9e5891acea105367013dc752e7f627081edfb6ec9decb04e3051f4722020e142ea435bbd3b0a81fe27ec4aa327431b8456501841ec3a

  • SSDEEP

    3072:MqpUfn63I6rYPEIeyxs0WViAMaDj1M4+kOCEODXpt6VthJTq:ooz0sItxs0WVWaC4+JzODj6VthJq

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      8c501fac0d7b30307d36a6ec52cedc41_JaffaCakes118

    • Size

      168KB

    • MD5

      8c501fac0d7b30307d36a6ec52cedc41

    • SHA1

      076db7f2bb76c321630ea0716b0c251c8411fb5f

    • SHA256

      8feaa82a64ccd8ddf24db1e4bfa9ec384d594239c2c515c4cb1b887a4bb2b74f

    • SHA512

      9ed35e562c204a79d66d9e5891acea105367013dc752e7f627081edfb6ec9decb04e3051f4722020e142ea435bbd3b0a81fe27ec4aa327431b8456501841ec3a

    • SSDEEP

      3072:MqpUfn63I6rYPEIeyxs0WViAMaDj1M4+kOCEODXpt6VthJTq:ooz0sItxs0WVWaC4+JzODj6VthJq

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks