General

  • Target

    b984439cbe68d09348b8385ef4435f3f_JaffaCakes118

  • Size

    38KB

  • Sample

    240822-3m5aeawdnp

  • MD5

    b984439cbe68d09348b8385ef4435f3f

  • SHA1

    c6c23a137c38194ee6ee9b3ff7dbb2e3a4c4b073

  • SHA256

    5715b50d0d1588ca32116b10eda0afb687ead513c5723691c8a8aac8f3614523

  • SHA512

    3580a385eff9f19d3f015745a18a78bb3df7a4324bb807fcd39b4bd39a4300529ab938310e5d85d8f1ebb6dcec0797dbc6a39ef76eb29eebff711e8a009dd707

  • SSDEEP

    768:q72EtfWfm+ZgTlShj1dESUOpP7KqjHEMc72pUnbcuyD7Ut:qSMfWOMQPSP2mH1ciUnouy8t

Malware Config

Targets

    • Target

      b984439cbe68d09348b8385ef4435f3f_JaffaCakes118

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks