Overview

overview

7

Static

static

5

2fb7b36bfb...18.exe

windows7-x64

7

2fb7b36bfb...18.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    2fb7b36bfb47a05d3550e8912c852ab1_JaffaCakes118

  • Size

    798KB

  • Sample

    241009-mteqbs1ejr

  • MD5

    2fb7b36bfb47a05d3550e8912c852ab1

  • SHA1

    0d4766cdd191cf22111f1bdaa610e50b6613c467

  • SHA256

    5308ade8b3627cbb184fc6ee70b2345cbdadc1afa8255fdca6a5db8ced6cb8ed

  • SHA512

    17fd5017bb3e76c1437a1483dc18857f0700f23070c928e9cec270094b75682abdf2717759c9559e63de5da8697d5009f6c40d1727380ff09597c710e98d85ac

  • SSDEEP

    6144:wD7GsXs2/RMeHZ9Vkjs7VZpylwYdGKgODMPaU8oS:cxsjswwVK14IoS

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      2fb7b36bfb47a05d3550e8912c852ab1_JaffaCakes118

    • Size

      798KB

    • MD5

      2fb7b36bfb47a05d3550e8912c852ab1

    • SHA1

      0d4766cdd191cf22111f1bdaa610e50b6613c467

    • SHA256

      5308ade8b3627cbb184fc6ee70b2345cbdadc1afa8255fdca6a5db8ced6cb8ed

    • SHA512

      17fd5017bb3e76c1437a1483dc18857f0700f23070c928e9cec270094b75682abdf2717759c9559e63de5da8697d5009f6c40d1727380ff09597c710e98d85ac

    • SSDEEP

      6144:wD7GsXs2/RMeHZ9Vkjs7VZpylwYdGKgODMPaU8oS:cxsjswwVK14IoS

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks