General

  • Target

    ef1edc5c8ca24c39552ff942f3c3f622_JaffaCakes118

  • Size

    7.1MB

  • Sample

    240921-fr7vrswfpn

  • MD5

    ef1edc5c8ca24c39552ff942f3c3f622

  • SHA1

    681ce793607380b1e443ef5d02594f2a0200677e

  • SHA256

    8b50a28b7d0820a25dffe542ddc75f3ee5eb937613b52da890bcaf82f6925273

  • SHA512

    f0d33445a42f4851c2d681a82a64ee826c2656abe6422a8bdeaebf45735f15082f9857b4c5db7c2667d7cc1f6ec85c32ac065ad025e3fe0f194becfa6597d1ba

  • SSDEEP

    196608:Me6P9aFJFoPveiLSEVXSa+V6WlTUXHjW0:Me6PsFJF07LSE19+V65XDW0

Score
7/10

Malware Config

Targets

    • Target

      ef1edc5c8ca24c39552ff942f3c3f622_JaffaCakes118

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites another thread's register state, including its instruction pointer. Outside of debuggers it is most often seen in process hollowing and thread-hijacking injection, where a suspended thread is redirected into attacker-supplied code.
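
The "UPX packed file" indicator above is a static check against the PE section table. The Python below is an added example, not code from this report or from any sandbox's detection engine: it parses the section headers of an in-memory PE image, looks for the stock UPX section names, and measures per-section entropy so that a renamed (modified UPX) layout is still caught by its shape. `build_sample_pe` only constructs a minimal PE-shaped byte string as test input; it is not a runnable binary and not the sample from this report, and the entropy threshold of 7.0 bits per byte is an assumed heuristic.

```python
"""Static check for the "UPX packed file" indicator: look for UPX section names
and for the packer's typical layout (an empty first section followed by a
high-entropy section) by parsing the PE section table directly."""
import math
import struct
from typing import Dict, List, Tuple

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX!"}
ENTROPY_THRESHOLD = 7.0  # assumed heuristic; compressed/encrypted data sits near 8.0

# name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
Section = Tuple[bytes, int, int, int, int]


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty or constant data)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes) -> List[Section]:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]        # NumberOfSections
    size_of_optional = struct.unpack_from("<H", pe, coff + 16)[0]   # SizeOfOptionalHeader
    table = coff + 20 + size_of_optional
    sections = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes
        name = pe[off:off + 8].rstrip(b"\0")
        vsize, vaddr, rsize, rptr = struct.unpack_from("<IIII", pe, off + 8)
        sections.append((name, vsize, vaddr, rsize, rptr))
    return sections


def upx_indicators(pe: bytes, threshold: float = ENTROPY_THRESHOLD) -> Dict[str, object]:
    """Return the individual signals and a combined verdict."""
    sections = parse_sections(pe)
    names = [s[0] for s in sections]
    upx_named = [n for n in names if n in UPX_SECTION_NAMES]
    high_entropy = []
    for name, _vsize, _vaddr, rsize, rptr in sections:
        if rsize:
            ent = shannon_entropy(pe[rptr:rptr + rsize])
            if ent >= threshold:
                high_entropy.append((name, round(ent, 2)))
    # Stock UPX leaves the first section (UPX0) with no raw data: it is only
    # reserved address space that the stub decompresses into at run time.
    first_empty = bool(sections) and sections[0][3] == 0 and sections[0][1] > 0
    return {
        "section_names": names,
        "upx_section_names": upx_named,
        "high_entropy_sections": high_entropy,
        "first_section_has_no_raw_data": first_empty,
        # Renamed sections (modified UPX) defeat the name check, so the layout
        # heuristic is kept as an independent signal.
        "likely_upx": bool(upx_named) or (first_empty and bool(high_entropy)),
    }


def build_sample_pe(sections: List[Tuple[bytes, bytes, int]]) -> bytes:
    """Constructed test input, not a real binary: a DOS stub, PE32 headers and
    the given sections, each supplied as (name, raw_bytes, VirtualSize)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    e_lfanew = 64
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    optional = bytes(224)  # PE32 optional header; its contents do not matter here
    raw_ptr = e_lfanew + 4 + 20 + len(optional) + 40 * len(sections)
    headers, body = b"", b""
    for name, data, vsize in sections:
        rsize = len(data)
        headers += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, 0x1000,
                               rsize, raw_ptr if rsize else 0, 0, 0, 0, 0, 0)
        body += data
        raw_ptr += rsize
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(optional), 0x102)
    return bytes(dos) + b"PE\0\0" + coff + optional + headers + body


if __name__ == "__main__":
    packed = build_sample_pe([(b"UPX0", b"", 0x20000),
                              (b"UPX1", bytes(range(256)) * 16, 0x1000),
                              (b".rsrc", bytes(512), 0x200)])
    print(upx_indicators(packed))
```

Section names are trivially renamed, so the name match alone is weak evidence; the empty-first-section plus high-entropy-second-section shape is what survives a modified UPX build, and a section that decompresses to code at run time is also why the sandbox score rather than the packer alone should drive the verdict.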

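The two registry indicators above ("Checks installed software" and "Maps connected drives based on registry") can be turned into a detection over an API-call trace. The Python below is an added example, not the report's own logic: the `pid,api,path` CSV shape, the process IDs and every trace line are constructed for illustration, and the key patterns are the well-known Uninstall, MountedDevices and Disk\Enum locations. The two-hit minimum is an assumed tuning knob, included because a single open of these keys is routine for installers and inventory agents.

```python
"""Detection for the two registry-based indicators in the report (Uninstall-key
enumeration and drive/volume discovery) over a constructed API-call trace."""
import csv
import io
import re
from collections import defaultdict
from typing import Dict, List

# Key patterns behind the two signatures. Only the tail of the path is matched,
# case-insensitively, so HKLM/HKEY_LOCAL_MACHINE and WOW6432Node variants all hit.
PATTERNS = {
    "checks_installed_software": re.compile(
        r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I),
    "maps_drives_from_registry": re.compile(
        r"\\(MountedDevices|Services\\Disk\\Enum|Enum\\(IDE|SCSI))(\\|$)", re.I),
}

# Constructed sample trace (not from the report); pid 4120 profiles the host,
# pid 988 touches the Uninstall key once, which on its own is not suspicious.
TRACE = r"""pid,api,path
4120,RegOpenKeyExW,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
4120,RegEnumKeyExW,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
4120,RegQueryValueExW,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
4120,RegOpenKeyExW,HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall
4120,RegOpenKeyExW,HKLM\SYSTEM\MountedDevices
4120,RegQueryValueExW,HKLM\SYSTEM\CurrentControlSet\Services\Disk\Enum\0
4120,RegOpenKeyExW,HKCU\Software\Microsoft\Windows\CurrentVersion\Run
988,RegOpenKeyExW,HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall
"""


def parse_trace(text: str) -> List[Dict[str, str]]:
    """Parse the constructed pid,api,path trace (a generic shape assumed here,
    not any particular sandbox's export format)."""
    return list(csv.DictReader(io.StringIO(text)))


def classify(records: List[Dict[str, str]], min_hits: int = 2) -> Dict[int, Dict[str, List[str]]]:
    """Group registry accesses per process and keep a label only when the
    process touched the key family at least min_hits times."""
    evidence: Dict[int, Dict[str, List[str]]] = defaultdict(lambda: defaultdict(list))
    for rec in records:
        if not rec["api"].startswith("Reg"):
            continue  # only registry APIs carry a key path in this trace shape
        for label, pattern in PATTERNS.items():
            if pattern.search(rec["path"]):
                evidence[int(rec["pid"])][label].append(rec["path"])
    findings: Dict[int, Dict[str, List[str]]] = {}
    for pid, hits in evidence.items():
        kept = {label: paths for label, paths in hits.items() if len(paths) >= min_hits}
        if kept:
            findings[pid] = kept
    return findings


def analyze_trace(text: str, min_hits: int = 2) -> Dict[int, Dict[str, List[str]]]:
    return classify(parse_trace(text), min_hits)


if __name__ == "__main__":
    for pid, labels in analyze_trace(TRACE).items():
        for label, paths in labels.items():
            print(f"pid {pid}: {label} ({len(paths)} accesses)")
            for p in paths:
                print(f"    {p}")
```

Both key families are also read by legitimate software inventory tools and installers, so these hits are context for an analyst (the kind of partial signal behind a 7/10 score) rather than a conviction on their own; the combination with a packed image and SetThreadContext use is what raises the score.
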
MITRE ATT&CK Enterprise v15

Tasks