Overview

overview

7

Static

static

3

945765c55f...18.exe

windows7-x64

7

945765c55f...18.exe

windows10-2004-x64

7

$PLUGINSDI...go.exe

windows7-x64

7

$PLUGINSDI...go.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    945765c55f7af3c01c6e2ad02c07d4a2_JaffaCakes118

  • Size

    2.4MB

  • Sample

    240813-xpngsa1cmf

  • MD5

    945765c55f7af3c01c6e2ad02c07d4a2

  • SHA1

    9d2cf197f32f94338a3cb1f99f33692b5f2e2989

  • SHA256

    bc8296502bb9f04ddb6141bb760f5d2c031125f7a8c9d6ce6da798dd912ebc14

  • SHA512

    dbea2503073c94265608de04b474ad6d9768720fe88cb79986b42dcd33d12bc691dd501e4f959c67b1bd1f5dd71495e87e24f5033ba41ad122047acb5a7da098

  • SSDEEP

    49152:3Oqh7hykqd4OWQaTaWCHnUe4eox5wzSo6Sx6N2TE53VSOr9YoPLMzK3+FWw:eEr3Q7WAnUe4e+5w3nx6N2TEd9xnD5o5

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      945765c55f7af3c01c6e2ad02c07d4a2_JaffaCakes118

    • Size

      2.4MB

    • MD5

      945765c55f7af3c01c6e2ad02c07d4a2

    • SHA1

      9d2cf197f32f94338a3cb1f99f33692b5f2e2989

    • SHA256

      bc8296502bb9f04ddb6141bb760f5d2c031125f7a8c9d6ce6da798dd912ebc14

    • SHA512

      dbea2503073c94265608de04b474ad6d9768720fe88cb79986b42dcd33d12bc691dd501e4f959c67b1bd1f5dd71495e87e24f5033ba41ad122047acb5a7da098

    • SSDEEP

      49152:3Oqh7hykqd4OWQaTaWCHnUe4eox5wzSo6Sx6N2TE53VSOr9YoPLMzK3+FWw:eEr3Q7WAnUe4e+5w3nx6N2TEd9xnD5o5

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/setup2go.exe

    • Size

      2.3MB

    • MD5

      578f02d63e34698b9ac5f272d219b56a

    • SHA1

      8d8b823be22a2d30a760553380d9b47d9c72147e

    • SHA256

      ac80565df72a569843bec8ff03687c6fc62d6d0be9e4a2d7cf8ec5a2ccbf79a0

    • SHA512

      0c553bd17649c26d0ef1afe8a3d5683b34674f9826a50258fcd4a82031d350def01f2d8635f1bec78e7b418ac26e282becee95082d960ca69bfaadffd1acf0cc

    • SSDEEP

      49152:Eh7hykqd4OWQaTaWCHnUe4eox5wzSo6Sx6N2TE53VSOr9YoPLMzK3+FWz:yr3Q7WAnUe4e+5w3nx6N2TEd9xnD5oO

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks