Overview

overview

7

Static

static

5

28480e027c...18.exe

windows7-x64

7

28480e027c...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    28480e027c570924131b9155215bf60a_JaffaCakes118

  • Size

    655KB

  • Sample

    241009-bmdnxa1hjf

  • MD5

    28480e027c570924131b9155215bf60a

  • SHA1

    6ad264287420879cb14bc1dd194187ea0226dacc

  • SHA256

    8bd08c51ecd6a76e6b4bdb9ef8cb608875427d1b925dfcd6a75f88a7e0db84fd

  • SHA512

    4fc2a628eddc3a45ad89c94ca30770a4d682faab28fd2ad08e6570b05de7ee8f1fd95a8188fa6765791dcd3b1e34b768f376264337782ab3a881b446cd52e2bd

  • SSDEEP

    12288:AdMSf+1PMXV7PypLuCGzQ2zG8hDGnIWeqBN1CuXuHVp9X9PVw:XhQ5TGn3e+ET5X9PVw

Score
7/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      28480e027c570924131b9155215bf60a_JaffaCakes118

    • Size

      655KB

    • MD5

      28480e027c570924131b9155215bf60a

    • SHA1

      6ad264287420879cb14bc1dd194187ea0226dacc

    • SHA256

      8bd08c51ecd6a76e6b4bdb9ef8cb608875427d1b925dfcd6a75f88a7e0db84fd

    • SHA512

      4fc2a628eddc3a45ad89c94ca30770a4d682faab28fd2ad08e6570b05de7ee8f1fd95a8188fa6765791dcd3b1e34b768f376264337782ab3a881b446cd52e2bd

    • SSDEEP

      12288:AdMSf+1PMXV7PypLuCGzQ2zG8hDGnIWeqBN1CuXuHVp9X9PVw:XhQ5TGn3e+ET5X9PVw

    Score
    7/10
    discoverypersistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks