Overview

overview

10

Static

static

3

14af39fc13...18.exe

windows7-x64

10

14af39fc13...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    14af39fc131792bfb8bcd87735910280_JaffaCakes118

  • Size

    171KB

  • Sample

    241004-ydek6sxbmd

  • MD5

    14af39fc131792bfb8bcd87735910280

  • SHA1

    0fe27a502f9bdf69e19e2155d819e0c091d188a5

  • SHA256

    7964a21494642ac150a91c7e0b7cbf88e50edef5f5cc3e928d28e7bcd894f323

  • SHA512

    40f145c0c3ad1145d5473165208baf59f9ebc958a7c76238e7c9b2f01abf12850b63679830985a3bb4b3aa856d33ac384aba638505a95d0ae84f32a5059cb62b

  • SSDEEP

    3072:+Km3p7eYnGohmEyGR4tuQPSgP+ybALSf7FmrBDcTM+j8jnHnfTwarMaYPj:9wNecGoVPRCSgPBbVzcrBg4NjnHfTwa6

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      14af39fc131792bfb8bcd87735910280_JaffaCakes118

    • Size

      171KB

    • MD5

      14af39fc131792bfb8bcd87735910280

    • SHA1

      0fe27a502f9bdf69e19e2155d819e0c091d188a5

    • SHA256

      7964a21494642ac150a91c7e0b7cbf88e50edef5f5cc3e928d28e7bcd894f323

    • SHA512

      40f145c0c3ad1145d5473165208baf59f9ebc958a7c76238e7c9b2f01abf12850b63679830985a3bb4b3aa856d33ac384aba638505a95d0ae84f32a5059cb62b

    • SSDEEP

      3072:+Km3p7eYnGohmEyGR4tuQPSgP+ybALSf7FmrBDcTM+j8jnHnfTwarMaYPj:9wNecGoVPRCSgPBbVzcrBg4NjnHfTwa6

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks