Overview

overview

10

Static

static

3

ecb88a32e6...18.exe

windows7-x64

10

ecb88a32e6...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ecb88a32e6174ffcac324f426386c19d_JaffaCakes118

  • Size

    169KB

  • Sample

    240920-dkpdqsvfrd

  • MD5

    ecb88a32e6174ffcac324f426386c19d

  • SHA1

    720b91f52321520aa8bb4848263f4c57978d2113

  • SHA256

    165ffc52aa45cdd400656ff0829d18b99bcf7b247d6a93a91cbde31ba9191966

  • SHA512

    aacc79e4588a1e826539430a0c0abed22bf794a2ebc8c617983adbbee802b8567c736b7137de332e309ec7ae6520038b8bd13008d46ad5672cb98bd32bc77481

  • SSDEEP

    3072:LZmbrfs02fhQkH5m65IDRyCKsODyK5p3dcXGbHIefzp58yXkmhRwAQ4ckIcI/SAC:Mbg56k4fRyCLO+K3qcHIi15JlZI/SAC

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      ecb88a32e6174ffcac324f426386c19d_JaffaCakes118

    • Size

      169KB

    • MD5

      ecb88a32e6174ffcac324f426386c19d

    • SHA1

      720b91f52321520aa8bb4848263f4c57978d2113

    • SHA256

      165ffc52aa45cdd400656ff0829d18b99bcf7b247d6a93a91cbde31ba9191966

    • SHA512

      aacc79e4588a1e826539430a0c0abed22bf794a2ebc8c617983adbbee802b8567c736b7137de332e309ec7ae6520038b8bd13008d46ad5672cb98bd32bc77481

    • SSDEEP

      3072:LZmbrfs02fhQkH5m65IDRyCKsODyK5p3dcXGbHIefzp58yXkmhRwAQ4ckIcI/SAC:Mbg56k4fRyCLO+K3qcHIi15JlZI/SAC

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks