Overview

overview

10

Static

static

3

eab64b8ff2...18.exe

windows7-x64

10

eab64b8ff2...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eab64b8ff2461a2711d23d98bc641759_JaffaCakes118

  • Size

    174KB

  • Sample

    240919-gnkfqsthnk

  • MD5

    eab64b8ff2461a2711d23d98bc641759

  • SHA1

    672527446005ea1c7c2f41469498d4a843b6cbf8

  • SHA256

    b44827ecdfdef3941eb5d1fb2a4ec80ed5c641be82f395765263c51417f7d5ef

  • SHA512

    ed70fc710ae643f37749c647a83222f87de8625e98157a67021051593db902e8df3e4b95884b2edd3b2d045f9c4b11443f87e3b93da4fa6b370cfcc8f3db3580

  • SSDEEP

    3072:w7boqDmmgy4crlgG5GOwA8ftBvqaoMu72lIs0zcndcfXb:wPoqKmv4YqGyt5qa7uSnd0r

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      eab64b8ff2461a2711d23d98bc641759_JaffaCakes118

    • Size

      174KB

    • MD5

      eab64b8ff2461a2711d23d98bc641759

    • SHA1

      672527446005ea1c7c2f41469498d4a843b6cbf8

    • SHA256

      b44827ecdfdef3941eb5d1fb2a4ec80ed5c641be82f395765263c51417f7d5ef

    • SHA512

      ed70fc710ae643f37749c647a83222f87de8625e98157a67021051593db902e8df3e4b95884b2edd3b2d045f9c4b11443f87e3b93da4fa6b370cfcc8f3db3580

    • SSDEEP

      3072:w7boqDmmgy4crlgG5GOwA8ftBvqaoMu72lIs0zcndcfXb:wPoqKmv4YqGyt5qa7uSnd0r

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks