General

  • Target

    dd24e7a3a45e5aa401384358dff3d05a_JaffaCakes118

  • Size

    29KB

  • Sample

    240912-154eqaxgll

  • MD5

    dd24e7a3a45e5aa401384358dff3d05a

  • SHA1

    3e5cd73ca9c744e5a8ff8f4ee1d04c92f755ef99

  • SHA256

    01cf121efbb7ffd5b0a1519a7399a17bd30ebff6783dbb3511cc5bd83329cacb

  • SHA512

    44c6622ba299b5036648e840ed2b0ebb6f389b6b14b8ceb11013b06415ad376d3938fbe6370b2fd306fce8f8ca9453d0e7f52404a93ddb39b28b3b04b52e1f0f

  • SSDEEP

    768:dWkliAnUQYkYKzqbjC5RqHjrYReyZx+l0oKriCPRDLP:sySsz6jGeyZx+l0TR3

Malware Config

Targets

    • Target

      details.txt .pif

    • Size

      28KB

    • MD5

      3018e99857f31a59e0777396ae634a8f

    • SHA1

      7031cfe76ee7b2c925f2c00372fb9ef7f983f60c

    • SHA256

      c8fffb2e737514c551b2d7bcaf8baa459564b059cab1a35a3cec4b3c270d4525

    • SHA512

      4604c98f765be26d4a0a33f54cc777810cae7fab5153ee637b4fc8057492fd40de6fdf9d88dc4f7f34f45dd174bae54a2b39e0f0e5f1f5997820b9bccf47686a

    • SSDEEP

      768:vWkliAnUQYkYKzqbjC5RqHjrYReyZx+l0oKriCPRDL:+ySsz6jGeyZx+l0TR

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and browsing history.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks