Overview

overview

7

Static

static

5

01de5e9dbc...18.exe

windows7-x64

7

01de5e9dbc...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    01de5e9dbc993f430a951b15ae2f0340_JaffaCakes118

  • Size

    784KB

  • Sample

    240930-r228tavcpf

  • MD5

    01de5e9dbc993f430a951b15ae2f0340

  • SHA1

    ee1547a4557a08f706d6a741abfd32b172b21652

  • SHA256

    4a22f7d56187c15f9c0c4f9095ec492a9fd9665d5b1cca6ef622b8a5408ca85d

  • SHA512

    594a523566f16f2b5d3790db9dbff813b2c2b6d2fc1bb49e1b1c603d47259b50fffc697ce19f9e2f339deca1c3ae90e91762e195b4b8c5379054fa8985dce77a

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27Qitj4:r5sJo6YrFUiyAak11Ltj4

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      01de5e9dbc993f430a951b15ae2f0340_JaffaCakes118

    • Size

      784KB

    • MD5

      01de5e9dbc993f430a951b15ae2f0340

    • SHA1

      ee1547a4557a08f706d6a741abfd32b172b21652

    • SHA256

      4a22f7d56187c15f9c0c4f9095ec492a9fd9665d5b1cca6ef622b8a5408ca85d

    • SHA512

      594a523566f16f2b5d3790db9dbff813b2c2b6d2fc1bb49e1b1c603d47259b50fffc697ce19f9e2f339deca1c3ae90e91762e195b4b8c5379054fa8985dce77a

    • SSDEEP

      12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27Qitj4:r5sJo6YrFUiyAak11Ltj4

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks