Overview

overview

7

Static

static

5

ffb81a1afe...18.exe

windows7-x64

7

ffb81a1afe...18.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    ffb81a1afef298fec167cab7d6724950_JaffaCakes118

  • Size

    42KB

  • Sample

    240930-cceznawcrd

  • MD5

    ffb81a1afef298fec167cab7d6724950

  • SHA1

    227b20fbf539f2e0c2af9eed4a4d31a4024c69c4

  • SHA256

    7d91d3f89fae77ea0f7c35f419cf8a717ecd7ba78dc7e09d039c163396cb64e4

  • SHA512

    7625f8c1d3d2411d8c1baa565e66d735308974be7c8c32fdca5b154a1a8d176cb7003af137c80a83093188bcff4dd4e1a026d90aa32dbac8a4609bcee1e4596b

  • SSDEEP

    768:x39ZvXWTfyrzaZdMdEMbhsX5Lq+37CKQVpvEe5gPb/xk2A1jkAzNcKqMf+z:x3HXJodMeMbg5+AcSb5k2QjkAzaKq5z

Score
7/10
discoveryevasionpersistencetrojanupx

Malware Config

Targets

    • Target

      ffb81a1afef298fec167cab7d6724950_JaffaCakes118

    • Size

      42KB

    • MD5

      ffb81a1afef298fec167cab7d6724950

    • SHA1

      227b20fbf539f2e0c2af9eed4a4d31a4024c69c4

    • SHA256

      7d91d3f89fae77ea0f7c35f419cf8a717ecd7ba78dc7e09d039c163396cb64e4

    • SHA512

      7625f8c1d3d2411d8c1baa565e66d735308974be7c8c32fdca5b154a1a8d176cb7003af137c80a83093188bcff4dd4e1a026d90aa32dbac8a4609bcee1e4596b

    • SSDEEP

      768:x39ZvXWTfyrzaZdMdEMbhsX5Lq+37CKQVpvEe5gPb/xk2A1jkAzNcKqMf+z:x3HXJodMeMbg5+AcSb5k2QjkAzaKq5z

    Score
    7/10
    discoveryevasionpersistencetrojanupx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks