Overview

overview

7

Static

static

7

ba2541288a...18.exe

windows7-x64

7

ba2541288a...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    ba2541288a23f299c4ea7f305c5bcb07_JaffaCakes118

  • Size

    4.9MB

  • Sample

    240823-dsrttsvekn

  • MD5

    ba2541288a23f299c4ea7f305c5bcb07

  • SHA1

    63c242d2af80806ff889e2c64824faa90eff807c

  • SHA256

    77fd9d414b29271f0cac9d1dc746f87a5442a4ab85c4c05232b1a380d8895d47

  • SHA512

    901472171e53f194efa96f0929b31d2632fd1859569f9f1d7e828079f1e31d1b4ae4d7fe554d946f376427fbd56c587376461d8bf3e13b00f76d0048b4aee62c

  • SSDEEP

    98304:YwgvElNVqcIP+bTHlXvq27DiD0Ku9m0KHVRLIC59S4ArXex4olvd58kXQUrqE:Y18lCPP+1Xvq27dinqa/HXQoR

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      ba2541288a23f299c4ea7f305c5bcb07_JaffaCakes118

    • Size

      4.9MB

    • MD5

      ba2541288a23f299c4ea7f305c5bcb07

    • SHA1

      63c242d2af80806ff889e2c64824faa90eff807c

    • SHA256

      77fd9d414b29271f0cac9d1dc746f87a5442a4ab85c4c05232b1a380d8895d47

    • SHA512

      901472171e53f194efa96f0929b31d2632fd1859569f9f1d7e828079f1e31d1b4ae4d7fe554d946f376427fbd56c587376461d8bf3e13b00f76d0048b4aee62c

    • SSDEEP

      98304:YwgvElNVqcIP+bTHlXvq27DiD0Ku9m0KHVRLIC59S4ArXex4olvd58kXQUrqE:Y18lCPP+1Xvq27dinqa/HXQoR

    Score
    7/10
    discoverypersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks