General

  • Target

    fa817d140ccba9a8eaf6cf4d81dcd3d2_JaffaCakes118

  • Size

    3.8MB

  • Sample

    240927-qy9m2sxelf

  • MD5

    fa817d140ccba9a8eaf6cf4d81dcd3d2

  • SHA1

    4414a60cacec630695163bdcbb58f669d4a05388

  • SHA256

    3c5c68f2e46246e6431a067d554ff0a72d65a8611f7deccd0b7fd1d33e7c594a

  • SHA512

    aeee3ff64d7e24513e3df6d47dff0c23c2599062ae7ce27dbcbe93a7265ef0f80aa79d847d50d8a44246d848aa8ebe60721c4fecbc952d03a914bd86f02dc5d5

  • SSDEEP

    98304:uZuarCtWyX0p+tUFHtrXCDHGkSn8b+vPdY:uZHrzyG+2aDHGkS8CG

Score
6/10

Targets

    Score
    6/10

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.
