Overview

overview

7

Static

static

7

WSockExpert.exe

windows7-x64

7

WSockExpert.exe

windows10-2004-x64

7

WSockHook.dll

windows7-x64

7

WSockHook.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    b71136d43614648f2bb32f7b3b9826e2_JaffaCakes118

  • Size

    257KB

  • Sample

    240822-k155ra1gnq

  • MD5

    b71136d43614648f2bb32f7b3b9826e2

  • SHA1

    ae562a26da18cf94ffe4801c181bddb369fea26e

  • SHA256

    27d289d5f844f7155d068cea7bd4b3825da727590a44b1d4417849029c0e8172

  • SHA512

    76547eb39bb2477089a8f149811b6e85b216a5d3a01079195ed61bda7e986c828263a92d8d7c4bba3bebbdbd027bb93d7baad2cb3586181b8db2474b0a154f73

  • SSDEEP

    6144:pyKxOX9TT0uCR6iZcG/FlmT2ekolppp7CKg6CHACzgGLQbzyToHHhm+ysc:mTWR6iuG/oka/tgnTpQvjhmic

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      WSockExpert.exe

    • Size

      242KB

    • MD5

      9fe073bf0aed9c361dc70d2522657d67

    • SHA1

      587c407628f0a08438e1bb7ed545dc61e82d0d37

    • SHA256

      08fc5b77a78d7b7adaaf85bfdc9d5ef780d42314742f9e7d564386e47c0246d5

    • SHA512

      b62908157a68756064abd63ded44337e8f9b95f6ecce6f96b7358af7b45118876f4a0539aabf641ff78a365330668249e4ebc4e9272cfc76a479d0e01c830e4c

    • SSDEEP

      6144:Mfl2ZcZ/Ea1KXoanu577yV08rmRGeMA3e:MVqa1KYaiXyV0mmRGeMA3

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      WSockHook.dll

    • Size

      25KB

    • MD5

      6c39efdb015836e672a83f0312885a15

    • SHA1

      8dbe0dc1ebcc2c51bb2293e2146cfbff4d9cd0a7

    • SHA256

      5c20e2402173d8e0e9658f3f26c45286bbd7ce232dc197a352decd51a7d53517

    • SHA512

      a901bd679e3f730c450ce32163e202c1e4100511c49007e8fc3e687c7249b908b63fdc3f3cb78517bd54474e038adadeb83ebcd4dc983f30a2caddd7fe9f7c51

    • SSDEEP

      384:oEl7Z/wAo9QRNccygP88h7vlZ6wttf0bAcklz5/AvnQVfRCc1Bj0woElnp5y:Nl7pdoSRbpxtp1JwQhZ1BwOD

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks