Overview

overview

10

Static

static

3

0ba6841ed0...18.exe

windows7-x64

10

0ba6841ed0...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    0ba6841ed0b101f5ac182fff84c0a17a_JaffaCakes118

  • Size

    133KB

  • Sample

    241002-vcrbsszhme

  • MD5

    0ba6841ed0b101f5ac182fff84c0a17a

  • SHA1

    65ab6f1b12bfb00746b2469ffa0443995d949a20

  • SHA256

    5da79b888f79dd6f2db44e3b62a468c865d39202ba8b5c09a081ca984fd33dee

  • SHA512

    4dede93c5ce5ce1bc96d0358c2e8cc8428d0fe0f3f21584a9090b48d6fea6a0bb9c7eb1a1872594667b30329feb1a95cfb2aa560e12637abfbb5319fa2cad6fe

  • SSDEEP

    3072:UAAPfDYFoRrDhv31gu3K4DYzyLsg+yMnNs6KY:UFkFoxhvau3pyg+yMNs

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      0ba6841ed0b101f5ac182fff84c0a17a_JaffaCakes118

    • Size

      133KB

    • MD5

      0ba6841ed0b101f5ac182fff84c0a17a

    • SHA1

      65ab6f1b12bfb00746b2469ffa0443995d949a20

    • SHA256

      5da79b888f79dd6f2db44e3b62a468c865d39202ba8b5c09a081ca984fd33dee

    • SHA512

      4dede93c5ce5ce1bc96d0358c2e8cc8428d0fe0f3f21584a9090b48d6fea6a0bb9c7eb1a1872594667b30329feb1a95cfb2aa560e12637abfbb5319fa2cad6fe

    • SSDEEP

      3072:UAAPfDYFoRrDhv31gu3K4DYzyLsg+yMnNs6KY:UFkFoxhvau3pyg+yMNs

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks