Overview

overview

10

Static

static

3

12db771eaa...18.exe

windows7-x64

10

12db771eaa...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    12db771eaa590e7bca7d6f146836d499_JaffaCakes118

  • Size

    193KB

  • Sample

    241004-lx9jfasajg

  • MD5

    12db771eaa590e7bca7d6f146836d499

  • SHA1

    c5863403ee35968c8ff47d0b4854640f04b50163

  • SHA256

    7175f39e8e1d36424c4c98531a423b7ccedc9607b683e1274f2e6b34359898c0

  • SHA512

    3b2b5ec72cc40913bfe9e10edbb047508ab6576abc21ed97d85e8ce98dd41f859d8c427c1330ef1102cfc78f9049d875d024e6917af8b76c9578b9311504f047

  • SSDEEP

    3072:y9fJOJ0ZFXoKetJEXVsAromdT0slsofctfjbXKpJK+XcXUHvFAJZ57Mien:6fAeFXCtJgqS9fSj7KXRXvqf5E

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      12db771eaa590e7bca7d6f146836d499_JaffaCakes118

    • Size

      193KB

    • MD5

      12db771eaa590e7bca7d6f146836d499

    • SHA1

      c5863403ee35968c8ff47d0b4854640f04b50163

    • SHA256

      7175f39e8e1d36424c4c98531a423b7ccedc9607b683e1274f2e6b34359898c0

    • SHA512

      3b2b5ec72cc40913bfe9e10edbb047508ab6576abc21ed97d85e8ce98dd41f859d8c427c1330ef1102cfc78f9049d875d024e6917af8b76c9578b9311504f047

    • SSDEEP

      3072:y9fJOJ0ZFXoKetJEXVsAromdT0slsofctfjbXKpJK+XcXUHvFAJZ57Mien:6fAeFXCtJgqS9fSj7KXRXvqf5E

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks