Overview

overview

7

Static

static

7

c1622f7d27...18.exe

windows7-x64

7

c1622f7d27...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c1622f7d27f2dd3ec2d41b7302ce7e15_JaffaCakes118

  • Size

    23KB

  • Sample

    240825-xqjj8azbla

  • MD5

    c1622f7d27f2dd3ec2d41b7302ce7e15

  • SHA1

    e9f5548383f51bd199941201be2f5d667c6bacf4

  • SHA256

    377c19038d5eff358621559827f4b91646d84424517246e716b89c3b28627234

  • SHA512

    eb2cb5a15025f5c1fc25920aa5f342519974af5f4f96504084dc1d7868329ae18a41633c90961e721c5221c1bfe6431e4ff44ad1f8305f9b9f4fd4d1b274eba0

  • SSDEEP

    384:WwznVKyqCvPSryiZuLwxu+Dl/p6aKPWpe:WQnwfCy2wxu+xAf

Score
7/10
discoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      c1622f7d27f2dd3ec2d41b7302ce7e15_JaffaCakes118

    • Size

      23KB

    • MD5

      c1622f7d27f2dd3ec2d41b7302ce7e15

    • SHA1

      e9f5548383f51bd199941201be2f5d667c6bacf4

    • SHA256

      377c19038d5eff358621559827f4b91646d84424517246e716b89c3b28627234

    • SHA512

      eb2cb5a15025f5c1fc25920aa5f342519974af5f4f96504084dc1d7868329ae18a41633c90961e721c5221c1bfe6431e4ff44ad1f8305f9b9f4fd4d1b274eba0

    • SSDEEP

      384:WwznVKyqCvPSryiZuLwxu+Dl/p6aKPWpe:WQnwfCy2wxu+xAf

    Score
    7/10
    discoverypersistenceprivilege_escalationupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks