Overview

overview

8

Static

static

7

da20e987a2...18.dll

windows7-x64

8

da20e987a2...18.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    da20e987a200f9e94112d989caff5f3d_JaffaCakes118

  • Size

    22KB

  • Sample

    240911-ma6dyawala

  • MD5

    da20e987a200f9e94112d989caff5f3d

  • SHA1

    0867d3f794d4f6d139590460628a3f7a20ff1b84

  • SHA256

    ddfb7ace775d7851531ee57d63efe1fab85b574e1d46d86932a3aa080a639399

  • SHA512

    47a5de5415016a369178e3c72acb99bb5f03ac321f2ac461cf759ae9bbd0e2395ea4b80c736025fa3eb616236fc4d2125d2bdad739be25109510091644f32a7b

  • SSDEEP

    384:AF06DEvaF7Oazr204JGv49wqc+0EUKc0mUXW1/4XdIKL9nn0k1jN72x:A06IvJUr2046ZqkEUKc0mUQWdxn0k15q

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      da20e987a200f9e94112d989caff5f3d_JaffaCakes118

    • Size

      22KB

    • MD5

      da20e987a200f9e94112d989caff5f3d

    • SHA1

      0867d3f794d4f6d139590460628a3f7a20ff1b84

    • SHA256

      ddfb7ace775d7851531ee57d63efe1fab85b574e1d46d86932a3aa080a639399

    • SHA512

      47a5de5415016a369178e3c72acb99bb5f03ac321f2ac461cf759ae9bbd0e2395ea4b80c736025fa3eb616236fc4d2125d2bdad739be25109510091644f32a7b

    • SSDEEP

      384:AF06DEvaF7Oazr204JGv49wqc+0EUKc0mUXW1/4XdIKL9nn0k1jN72x:A06IvJUr2046ZqkEUKc0mUQWdxn0k15q

    Score
    8/10
    discoverypersistenceupx

    • Server Software Component: Terminal Services DLL

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks