Overview

overview

10

Static

static

3

140336a15f...18.exe

windows7-x64

10

140336a15f...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    140336a15f5b01cd9f0cd6cad58a7d7c_JaffaCakes118

  • Size

    171KB

  • Sample

    241004-tek25ashqp

  • MD5

    140336a15f5b01cd9f0cd6cad58a7d7c

  • SHA1

    a162b9b6a954d499a92d30b5d36109b5d0e3271b

  • SHA256

    cf427b404ea7ef591cc67ee07140fa092d787e405803deae03e290f241a6858f

  • SHA512

    c1b021a5222011646f8ba8ea9fb6f8ad85e137472f536fdd22527b62f0c6756fe5bc8a362589d0a6f51e6bc9b3933bb87dc71bda7985b6c9ad8f9d0fe8aa176e

  • SSDEEP

    3072:/9ocr+PgxoG7R/T4Js8o1xlPU6GYYdNeYT/vYRwxR7QCBZwPPB9RfRn/FDyJ6:/VyGvt20vl6YYdNeWYRwzEXPpjGJ6

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      140336a15f5b01cd9f0cd6cad58a7d7c_JaffaCakes118

    • Size

      171KB

    • MD5

      140336a15f5b01cd9f0cd6cad58a7d7c

    • SHA1

      a162b9b6a954d499a92d30b5d36109b5d0e3271b

    • SHA256

      cf427b404ea7ef591cc67ee07140fa092d787e405803deae03e290f241a6858f

    • SHA512

      c1b021a5222011646f8ba8ea9fb6f8ad85e137472f536fdd22527b62f0c6756fe5bc8a362589d0a6f51e6bc9b3933bb87dc71bda7985b6c9ad8f9d0fe8aa176e

    • SSDEEP

      3072:/9ocr+PgxoG7R/T4Js8o1xlPU6GYYdNeYT/vYRwxR7QCBZwPPB9RfRn/FDyJ6:/VyGvt20vl6YYdNeWYRwzEXPpjGJ6

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks