General

  • Target

    e25930c36e7ad2d6c7ca804148712844_JaffaCakes118

  • Size

    6.1MB

  • Sample

    240915-nadvcs1gjj

  • MD5

    e25930c36e7ad2d6c7ca804148712844

  • SHA1

    1788cd900c147d1608b5c9cda478fbaeaed80e44

  • SHA256

    55879a146579d506c6ae877239f656c7c964edb753ca3ed97319be9e49f50173

  • SHA512

    1e6bac6c580a36902aff654a8edc4d08b06a56ee9dc2b508c0e16d1678d9bf76c9b40e2ecf4231467a6d7f8427ea78c80b1e0a2caad60927e16ef9fbdad94523

  • SSDEEP

    98304:nAwzZHd5CU4G9KwYAOujNkIIp/jNhvFd0kCbEgiGzZJlaoCr6hzj/re:BZh4GkrAOuqnpQkCbXiGtJly61ra

Score
7/10

Malware Config

Targets

    • Target

      e25930c36e7ad2d6c7ca804148712844_JaffaCakes118

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks