Overview

overview

10

Static

static

7

i6g8xs.exe

windows7-x64

10

i6g8xs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bc966204b226a5f1b03239d68f54c3d0_JaffaCakes118

  • Size

    49KB

  • Sample

    240823-vlzdrswhra

  • MD5

    bc966204b226a5f1b03239d68f54c3d0

  • SHA1

    3fbfe8ec664fd672f6e43d8fdf70f73c3fcc1d26

  • SHA256

    adbcd23e30eb980d8391f3fa5fc2dd3ea9b8080c3164d44558dc25d88b0112b3

  • SHA512

    a1fd539a150ef0261f73181f91c39a472aec5a95f5514b92235356db2aca8cd435c4cbc4e94784bc86a3f78a6ec0c2331281d756fd9d4393fa570bd0fe11d5d7

  • SSDEEP

    1536:Hq5jyuBQNZGDRQfCRxN9/7rOA9aQku1cqzT:K52MQNZGDRQqRxP/76fzuKqzT

Score
10/10
discoveryevasionexecutionpersistencetrojanupx

Malware Config

Targets

    • Target

      i6g8xs.exe

    • Size

      48KB

    • MD5

      ea297799866de9dfe1e6fb30e5764a9d

    • SHA1

      fdc842ce3835451f54430284bf2875902d55e278

    • SHA256

      0bc81e31e48d4625040ab83aae0c13db327f0ffc150a832112cb3aab0cfd0ffe

    • SHA512

      ba3446a7f54f197bb9e092768ea7080de01a5c7e6c81ebc42455405b5eefcf5ce4656431ac71a3ac810d5d1147957a8cebafed365f768987e0f6cc31ee28e966

    • SSDEEP

      768:bJ4zCKjyuBrz40+PQtmGJWaRMNYkCRxNAK4qlRRZagrOA9bre3+dDCQkuKWcWYXs:bq5jyuBQNZGDRQfCRxN9/7rOA9aQku1D

    Score
    10/10
    discoveryevasionexecutionpersistencetrojanupx

    • Disables service(s)

      evasionexecution

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks