General

  • Target

    ff9e9d05caf462f58aad45eb1ad5ef33_JaffaCakes118

  • Size

    765KB

  • Sample

    240930-a8my2aygll

  • MD5

    ff9e9d05caf462f58aad45eb1ad5ef33

  • SHA1

    c3b1a3bb8c707c811fcbae78135bdf99e9aa29ae

  • SHA256

    34b7919ce432fa1bf2af7e1079f5b4552ec63cfb72d08a3246bb319093ea26fc

  • SHA512

    23345c088056a641915b1a60fb0139ff076474c1bd8b9f8da6b946234121081b34cdb059d6d38ee93d31f1192d1386349539c987268005bc7caf0e629b1a74fa

  • SSDEEP

    12288:1TQpp5imtuIkU2h1mewId8rM+2A5v9PDrMKpiCUpiz80d+AXHL:nQbrdvqBtWXL

Score
7/10

Targets

    • Target

      ff9e9d05caf462f58aad45eb1ad5ef33_JaffaCakes118

    Score
    7/10
    • Drops startup file

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
