Overview

overview

7

Static

static

3

eaa6e62eb9...18.exe

windows7-x64

7

eaa6e62eb9...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eaa6e62eb9d2658f4a42c1f3aa9cac39_JaffaCakes118

  • Size

    444KB

  • Sample

    240919-fxpldasgkr

  • MD5

    eaa6e62eb9d2658f4a42c1f3aa9cac39

  • SHA1

    2a1b9d9ef3883e086eb71b06f92fc0b333cbd843

  • SHA256

    80ade822a526d5c55756a34405afa7c7d73bcc3840a734d16b8b87143f68568d

  • SHA512

    37a92c9ba293535f872f7a8966ff8fac960e225a536c3ce30ec2926da57420264d86200ee333c54532658fc984282041ec17a0fe2685e385899c637cda0cea78

  • SSDEEP

    12288:WG4/ICycu4oFU7VKRsr9jIirCPAweoHjyR5Rqq5w+HSCc:PcuP5UCFPAKmPRKQ

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      eaa6e62eb9d2658f4a42c1f3aa9cac39_JaffaCakes118

    • Size

      444KB

    • MD5

      eaa6e62eb9d2658f4a42c1f3aa9cac39

    • SHA1

      2a1b9d9ef3883e086eb71b06f92fc0b333cbd843

    • SHA256

      80ade822a526d5c55756a34405afa7c7d73bcc3840a734d16b8b87143f68568d

    • SHA512

      37a92c9ba293535f872f7a8966ff8fac960e225a536c3ce30ec2926da57420264d86200ee333c54532658fc984282041ec17a0fe2685e385899c637cda0cea78

    • SSDEEP

      12288:WG4/ICycu4oFU7VKRsr9jIirCPAweoHjyR5Rqq5w+HSCc:PcuP5UCFPAKmPRKQ

    Score
    7/10
    discoverypersistenceupx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks