General

  • Target

    2bec93bf3bf6be951465f492a7193b80_JaffaCakes118

  • Size

    382KB

  • Sample

    241009-gf21taydrd

  • MD5

    2bec93bf3bf6be951465f492a7193b80

  • SHA1

    fd98d7de1d84ccf7cb851f62fd09f5c1b32f6f2f

  • SHA256

    f0d9f7c7910571f6be1794e3790e193257938532b22f38db934113035c00da2c

  • SHA512

    e8b734eda904c55446bf599609f3398a94561947761911b071669467ee43c581298a8a19232a967636983b1909c0b976bf5591a3ad03222f3753608c422cb906

  • SSDEEP

    6144:R5ZvawMzRCMGodZwrHmTZNXln500WZCcmwNvTxVqkf7JLptwtZInRSXajD:dva1N4wZD500GvNvT5FrYZaRf

Score
5/10

Malware Config

Targets

    • Target

      CF޿.exe

    • Size

      399KB

    • MD5

      11bd2b49b143d120e040083733d04263

    • SHA1

      af55a31d5e7297a8daa6f1da37c3dccf5eaa4cc9

    • SHA256

      70913addeddb189f3b6567b2f470196600a52dbc3b19200f51b4832be02a041e

    • SHA512

      3ac97a6818fc78fd15995a1085074837a72546915a104a6253a4556fc6a850e6b368da25a46764c371d94a1fdbeba30ef657623b406238d49ebd2391aa09358d

    • SSDEEP

      6144:quQsL5MzREMIodZmrHmTRNXln500WZCcmwNvTxXqkf7JBptwtnInRSXwjELrZn8Z:q4LWFuwRD500G7NvTTFhYnaRMLt8oS

    Score
    5/10

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks