Overview

overview

8

Static

static

3

fc89b275f7...18.exe

windows7-x64

7

fc89b275f7...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    fc89b275f7fd924439cc4be7a0340fc6_JaffaCakes118

  • Size

    399KB

  • Sample

    240928-sazt2s1fpm

  • MD5

    fc89b275f7fd924439cc4be7a0340fc6

  • SHA1

    00213497e8166c80463184c5b755f42799f7e5cd

  • SHA256

    c416b7fc4c158974c90ab1b735e880fdb1d32a5f41650489c0e239becc1331db

  • SHA512

    2dc10d5e88f9b615d793176de94c03cb92b9cb2051887fcfe0f73acc41b6d0124a925010b2729f6dc7f2f56244c392423f80798b41ac1b0da5d2673e9afed89d

  • SSDEEP

    6144:SbWbsX6j9UVsRNmq41V7FqSexNV8+hCGTr1e1Kxx9zxggB:vt9UVW4q4f7F67V8+hPcKxx9zfB

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      fc89b275f7fd924439cc4be7a0340fc6_JaffaCakes118

    • Size

      399KB

    • MD5

      fc89b275f7fd924439cc4be7a0340fc6

    • SHA1

      00213497e8166c80463184c5b755f42799f7e5cd

    • SHA256

      c416b7fc4c158974c90ab1b735e880fdb1d32a5f41650489c0e239becc1331db

    • SHA512

      2dc10d5e88f9b615d793176de94c03cb92b9cb2051887fcfe0f73acc41b6d0124a925010b2729f6dc7f2f56244c392423f80798b41ac1b0da5d2673e9afed89d

    • SSDEEP

      6144:SbWbsX6j9UVsRNmq41V7FqSexNV8+hCGTr1e1Kxx9zxggB:vt9UVW4q4f7F67V8+hPcKxx9zfB

    Score
    8/10
    discoverypersistenceupx

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks