Overview

overview

10

Static

static

3

b791db6868...18.exe

windows7-x64

10

b791db6868...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    b791db68682b861d613c44af0383cd17_JaffaCakes118

  • Size

    179KB

  • Sample

    240822-pay1zayfmm

  • MD5

    b791db68682b861d613c44af0383cd17

  • SHA1

    73a5234c58a7a162466ad0fbb06832a9a6359643

  • SHA256

    1c624702ae179751419ef6a4ef9826a6c13ce5d6175b600c8dc46857f9374689

  • SHA512

    32b7211a5c187145b9ef22083d67af44f77d0755915373af2b6fcc897f222dec423ce81e416cf1b36be50e472fa98267c8df0709e8403c1a1230f97fe15c51db

  • SSDEEP

    3072:K4EKrr2Xl9t0/sE2+Xj4yJa38Et1q7veqLUyxkChSCiXL6InHrRLyKAKLvnfL2:K4A+/sEljRUfi7veFyeChSCMnHr1ynKr

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      b791db68682b861d613c44af0383cd17_JaffaCakes118

    • Size

      179KB

    • MD5

      b791db68682b861d613c44af0383cd17

    • SHA1

      73a5234c58a7a162466ad0fbb06832a9a6359643

    • SHA256

      1c624702ae179751419ef6a4ef9826a6c13ce5d6175b600c8dc46857f9374689

    • SHA512

      32b7211a5c187145b9ef22083d67af44f77d0755915373af2b6fcc897f222dec423ce81e416cf1b36be50e472fa98267c8df0709e8403c1a1230f97fe15c51db

    • SSDEEP

      3072:K4EKrr2Xl9t0/sE2+Xj4yJa38Et1q7veqLUyxkChSCiXL6InHrRLyKAKLvnfL2:K4A+/sEljRUfi7veFyeChSCMnHr1ynKr

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks