Overview

overview

8

Static

static

7

a6007ec38a...18.exe

windows7-x64

7

a6007ec38a...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    a6007ec38a30834942c544af376b426b_JaffaCakes118

  • Size

    50KB

  • Sample

    240818-jxjlxatfjg

  • MD5

    a6007ec38a30834942c544af376b426b

  • SHA1

    846889ba1f2590e734643849dfbbc362585a385f

  • SHA256

    7bc2c25c4ed780634240f71336b2fb669b550121a8c5128217ebba7061e736c8

  • SHA512

    8d17786f160a99c5212c5606bc0f545389734cc23bf15e28a77d23e64de6bc9db5f8c070a159ad6020689fa6dfbe90fd725f425968a55068151a4361cab9306a

  • SSDEEP

    768:opTqsZIVZpzeV7oh8aMlcMES7gM8/+PZAPD6HxopPldi+pAltp1d06Gfa1ODbrKH:oT9kZlGK8Nl7gsPCr6Hu3d1p45GfRI

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      a6007ec38a30834942c544af376b426b_JaffaCakes118

    • Size

      50KB

    • MD5

      a6007ec38a30834942c544af376b426b

    • SHA1

      846889ba1f2590e734643849dfbbc362585a385f

    • SHA256

      7bc2c25c4ed780634240f71336b2fb669b550121a8c5128217ebba7061e736c8

    • SHA512

      8d17786f160a99c5212c5606bc0f545389734cc23bf15e28a77d23e64de6bc9db5f8c070a159ad6020689fa6dfbe90fd725f425968a55068151a4361cab9306a

    • SSDEEP

      768:opTqsZIVZpzeV7oh8aMlcMES7gM8/+PZAPD6HxopPldi+pAltp1d06Gfa1ODbrKH:oT9kZlGK8Nl7gsPCr6Hu3d1p45GfRI

    Score
    8/10
    discoverypersistenceupx

    • Blocklisted process makes network request

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks