Overview

overview

10

Static

static

3

fd8e8deff9...18.exe

windows7-x64

10

fd8e8deff9...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fd8e8deff94296c882beaabe51a3c7a3_JaffaCakes118

  • Size

    165KB

  • Sample

    240929-b5swjsxhjg

  • MD5

    fd8e8deff94296c882beaabe51a3c7a3

  • SHA1

    aebacb50a2df7891e06b03218ebcc6aa9240537a

  • SHA256

    6d2f52791863b5a3373f8831829cafc632711bf91c682519fa65b264b2b5f928

  • SHA512

    9bc05b15c5aaafae2bdf27e1e917a9273cf9e5bf7b8dd164827de0446438f792e68c2794ce04fb5b9b4b7c0ff3352bc48b8c41f67c0aab5f5234212ca35518b4

  • SSDEEP

    3072:u1tkv4qS0ZBQ/SlNEZhWd1SZ/XodGsm79eGK+nZ05UnltOQhkIDXg/xLFZPUELJD:uc4qTZBQ/SAYSfkGsmsGfnZ0qnlgQaI8

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      fd8e8deff94296c882beaabe51a3c7a3_JaffaCakes118

    • Size

      165KB

    • MD5

      fd8e8deff94296c882beaabe51a3c7a3

    • SHA1

      aebacb50a2df7891e06b03218ebcc6aa9240537a

    • SHA256

      6d2f52791863b5a3373f8831829cafc632711bf91c682519fa65b264b2b5f928

    • SHA512

      9bc05b15c5aaafae2bdf27e1e917a9273cf9e5bf7b8dd164827de0446438f792e68c2794ce04fb5b9b4b7c0ff3352bc48b8c41f67c0aab5f5234212ca35518b4

    • SSDEEP

      3072:u1tkv4qS0ZBQ/SlNEZhWd1SZ/XodGsm79eGK+nZ05UnltOQhkIDXg/xLFZPUELJD:uc4qTZBQ/SAYSfkGsmsGfnZ0qnlgQaI8

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks