Overview

overview

7

Static

static

3

c13faad0d0...18.exe

windows7-x64

7

c13faad0d0...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    c13faad0d040729a86651441b98f7e4d_JaffaCakes118

  • Size

    565KB

  • Sample

    240825-wasmhsxgpn

  • MD5

    c13faad0d040729a86651441b98f7e4d

  • SHA1

    652fd06b9761953a6f4f9ff2dc879a504c0c41ce

  • SHA256

    14f70935dcd5146eea1d34a29b4fe4a61eb904898203a4aa15771ad72990074a

  • SHA512

    db9be9ba501240455845620a72e923f2ebce9d9ea08bf71d811c3daa32b276523d0711fdf1e5d9dd9e3292f9f6690b665b507c781038d1810cd516f27e3fc65c

  • SSDEEP

    12288:jJrg1Y6A9LLH00HsurSOk7vffkfKGHYwz6uqOYKsx0QaDFplH6w9RERJ:jaYpHVHTSx7vff6KG4wuuZ80v5e62J

Score
7/10
adwarediscoverypersistencestealerupx

Malware Config

Targets

    • Target

      c13faad0d040729a86651441b98f7e4d_JaffaCakes118

    • Size

      565KB

    • MD5

      c13faad0d040729a86651441b98f7e4d

    • SHA1

      652fd06b9761953a6f4f9ff2dc879a504c0c41ce

    • SHA256

      14f70935dcd5146eea1d34a29b4fe4a61eb904898203a4aa15771ad72990074a

    • SHA512

      db9be9ba501240455845620a72e923f2ebce9d9ea08bf71d811c3daa32b276523d0711fdf1e5d9dd9e3292f9f6690b665b507c781038d1810cd516f27e3fc65c

    • SSDEEP

      12288:jJrg1Y6A9LLH00HsurSOk7vffkfKGHYwz6uqOYKsx0QaDFplH6w9RERJ:jaYpHVHTSx7vff6KG4wuuZ80v5e62J

    Score
    7/10
    adwarediscoverypersistencestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks