Overview

overview

7

Static

static

3

eabc40285c...18.exe

windows7-x64

7

eabc40285c...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eabc40285c6d6e0edb80d13fd42dfda9_JaffaCakes118

  • Size

    399KB

  • Sample

    240919-gxrw6svcpm

  • MD5

    eabc40285c6d6e0edb80d13fd42dfda9

  • SHA1

    14b5a70ba428c3804a30ca17b4f7d1de493c618a

  • SHA256

    1df5793f565c59dad4d26e57b98d788003b939f0369fde2865e90e28ff81ffc4

  • SHA512

    360481308ce5b19185f99f9869368eb435abd3e0fc2f0f00ce890b9b8bc194be24da855ae429d65700182f8b06c86652f64735ea1fc91cff5751478a0fdb9452

  • SSDEEP

    12288:ODlkmcqF16V9/tiDekf9WD1j9iAGqy8aF6D5:Yj5FSL0f9Esqy8QI

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      eabc40285c6d6e0edb80d13fd42dfda9_JaffaCakes118

    • Size

      399KB

    • MD5

      eabc40285c6d6e0edb80d13fd42dfda9

    • SHA1

      14b5a70ba428c3804a30ca17b4f7d1de493c618a

    • SHA256

      1df5793f565c59dad4d26e57b98d788003b939f0369fde2865e90e28ff81ffc4

    • SHA512

      360481308ce5b19185f99f9869368eb435abd3e0fc2f0f00ce890b9b8bc194be24da855ae429d65700182f8b06c86652f64735ea1fc91cff5751478a0fdb9452

    • SSDEEP

      12288:ODlkmcqF16V9/tiDekf9WD1j9iAGqy8aF6D5:Yj5FSL0f9Esqy8QI

    Score
    7/10
    discoverypersistenceupx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks