Overview

overview

7

Static

static

3

b08a6db883...18.exe

windows7-x64

7

b08a6db883...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    b08a6db88330cbb105cc7ec9d4a7579f_JaffaCakes118

  • Size

    158KB

  • Sample

    240820-x9sbgatbqp

  • MD5

    b08a6db88330cbb105cc7ec9d4a7579f

  • SHA1

    7a9d7cee7cfbc63c4b226b248ddd7d19774fe58f

  • SHA256

    896bfa023870851ca1c757beeb4cc983833b04675650821e1ba30015eeb8e3d4

  • SHA512

    c005f6151ec9687368e07c7d5dc7a1481574ed243c5f24e5faba679fe3c576abe3602ed9ef8b05a01fa974fffc22d04abaed7642d97ef612ae2cf906b727cf82

  • SSDEEP

    3072:459FnZgyMlZNLdjCSAAvvwMtC/jij1H0iKzkrmC8Ar+gKW9:4X5ZoASAAnwMsjXU82+/W

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      b08a6db88330cbb105cc7ec9d4a7579f_JaffaCakes118

    • Size

      158KB

    • MD5

      b08a6db88330cbb105cc7ec9d4a7579f

    • SHA1

      7a9d7cee7cfbc63c4b226b248ddd7d19774fe58f

    • SHA256

      896bfa023870851ca1c757beeb4cc983833b04675650821e1ba30015eeb8e3d4

    • SHA512

      c005f6151ec9687368e07c7d5dc7a1481574ed243c5f24e5faba679fe3c576abe3602ed9ef8b05a01fa974fffc22d04abaed7642d97ef612ae2cf906b727cf82

    • SSDEEP

      3072:459FnZgyMlZNLdjCSAAvvwMtC/jij1H0iKzkrmC8Ar+gKW9:4X5ZoASAAnwMsjXU82+/W

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks