Overview

overview

7

Static

static

3

dec7e9fa61...18.exe

windows7-x64

7

dec7e9fa61...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dec7e9fa61010a6343ba5e8d648613d4_JaffaCakes118

  • Size

    732KB

  • Sample

    240913-ye4lpavejp

  • MD5

    dec7e9fa61010a6343ba5e8d648613d4

  • SHA1

    0dd5ef203f0180fa9ece513766fbd340b9eb2611

  • SHA256

    12883e0f1911daadb66fbbb66b7be9feb6e02a1c3447445ce1947dd6fc600410

  • SHA512

    9fa5c56a4baa727029e99428db8a18137a5e1738e2081b89ab466ff783ddbd8f65bf483bac10fb92620143dd3193f959feea58d04dc12119cbe318d676f09f97

  • SSDEEP

    12288:mFTct0d32sPh2Z1QNK8QfvRyGYfgcYHYGBHiAREscEs6/6ALwXh47WKmX:mFTdR2spSQOXrJFFPREws6NLeK7sX

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      dec7e9fa61010a6343ba5e8d648613d4_JaffaCakes118

    • Size

      732KB

    • MD5

      dec7e9fa61010a6343ba5e8d648613d4

    • SHA1

      0dd5ef203f0180fa9ece513766fbd340b9eb2611

    • SHA256

      12883e0f1911daadb66fbbb66b7be9feb6e02a1c3447445ce1947dd6fc600410

    • SHA512

      9fa5c56a4baa727029e99428db8a18137a5e1738e2081b89ab466ff783ddbd8f65bf483bac10fb92620143dd3193f959feea58d04dc12119cbe318d676f09f97

    • SSDEEP

      12288:mFTct0d32sPh2Z1QNK8QfvRyGYfgcYHYGBHiAREscEs6/6ALwXh47WKmX:mFTdR2spSQOXrJFFPREws6NLeK7sX

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks