Overview

overview

10

Static

static

7

ed2d1f7f3e...18.exe

windows7-x64

10

ed2d1f7f3e...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ed2d1f7f3e4a265e3062733e1a6cd3d6_JaffaCakes118

  • Size

    94KB

  • Sample

    240920-j4e73axbqr

  • MD5

    ed2d1f7f3e4a265e3062733e1a6cd3d6

  • SHA1

    3475082b9013b8c1658fff2f35727df0c748f9bc

  • SHA256

    192481a48ae9bf6becd43857a0dc9bbf1a7262c5d092c0ed62847d182fafcefc

  • SHA512

    3c6cc2166f5bb007d12aaa79ae76662aa2a7e0f838d1246a4fe6c80a3005c70a95207f94eb2f53870edc3b5ecb17dbddab5f52f066fabc346573695e13463b18

  • SSDEEP

    1536:rWWWt9jj4Qs8iBHPKWQvEHo0t1rYupnADnx:QiBiWQvEHo0nMupAV

Score
10/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      ed2d1f7f3e4a265e3062733e1a6cd3d6_JaffaCakes118

    • Size

      94KB

    • MD5

      ed2d1f7f3e4a265e3062733e1a6cd3d6

    • SHA1

      3475082b9013b8c1658fff2f35727df0c748f9bc

    • SHA256

      192481a48ae9bf6becd43857a0dc9bbf1a7262c5d092c0ed62847d182fafcefc

    • SHA512

      3c6cc2166f5bb007d12aaa79ae76662aa2a7e0f838d1246a4fe6c80a3005c70a95207f94eb2f53870edc3b5ecb17dbddab5f52f066fabc346573695e13463b18

    • SSDEEP

      1536:rWWWt9jj4Qs8iBHPKWQvEHo0t1rYupnADnx:QiBiWQvEHo0nMupAV

    Score
    10/10
    discoverypersistenceupx

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks