Overview

overview

7

Static

static

3

12dfe2704b...18.exe

windows7-x64

7

12dfe2704b...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    12dfe2704bdd9f5c7757b9d868a61007_JaffaCakes118

  • Size

    158KB

  • Sample

    241004-l2mkgasbnc

  • MD5

    12dfe2704bdd9f5c7757b9d868a61007

  • SHA1

    851abb91fc82acdeee036c8587759f492af76830

  • SHA256

    6340bc38a8a47fead26d86e49c8f9569ba24cd7decb226c48412d2d412b962f0

  • SHA512

    6b4a018eda95381e00cbdbdb558a619eb9486bc0e13f357264ea27cefec915abe93ed500233247ad4d7aed9ef07bed3aea87a713183966d9aac87313c190078c

  • SSDEEP

    3072:Kk/fmhnw4mTICu3IS2KL+gPqw66CT8ZH6UG+JQtzKDCHOMRIi5:Gnwo4FKdP66CToH9GfuMyk

Score
7/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      12dfe2704bdd9f5c7757b9d868a61007_JaffaCakes118

    • Size

      158KB

    • MD5

      12dfe2704bdd9f5c7757b9d868a61007

    • SHA1

      851abb91fc82acdeee036c8587759f492af76830

    • SHA256

      6340bc38a8a47fead26d86e49c8f9569ba24cd7decb226c48412d2d412b962f0

    • SHA512

      6b4a018eda95381e00cbdbdb558a619eb9486bc0e13f357264ea27cefec915abe93ed500233247ad4d7aed9ef07bed3aea87a713183966d9aac87313c190078c

    • SSDEEP

      3072:Kk/fmhnw4mTICu3IS2KL+gPqw66CT8ZH6UG+JQtzKDCHOMRIi5:Gnwo4FKdP66CToH9GfuMyk

    Score
    7/10
    discoverypersistencespywarestealerupx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks