Overview

overview

7

Static

static

5

083751cdf0...18.exe

windows7-x64

7

083751cdf0...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    083751cdf09233bb6b98f3a4a295d20a_JaffaCakes118

  • Size

    1.1MB

  • Sample

    241002-bnk5datdqd

  • MD5

    083751cdf09233bb6b98f3a4a295d20a

  • SHA1

    3bc83b2bd0405db1f25a166a2c76f2bf177f4c35

  • SHA256

    575279c7009e31b41306478693c5c34aaa9c019924b909d71a004e9e97c6cce2

  • SHA512

    b4a71dfae3c9fce72ce0c417572c636e4b63e99e467a5d7fd5467575d8393fb99e44cc07d74c91bde9615fcadbd20db5773327bd324efbe5fd7aa8282da1886e

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjNgFU:r5sJo6YrFUiyAak11LtjNgFU

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      083751cdf09233bb6b98f3a4a295d20a_JaffaCakes118

    • Size

      1.1MB

    • MD5

      083751cdf09233bb6b98f3a4a295d20a

    • SHA1

      3bc83b2bd0405db1f25a166a2c76f2bf177f4c35

    • SHA256

      575279c7009e31b41306478693c5c34aaa9c019924b909d71a004e9e97c6cce2

    • SHA512

      b4a71dfae3c9fce72ce0c417572c636e4b63e99e467a5d7fd5467575d8393fb99e44cc07d74c91bde9615fcadbd20db5773327bd324efbe5fd7aa8282da1886e

    • SSDEEP

      12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjNgFU:r5sJo6YrFUiyAak11LtjNgFU

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks