Overview

overview

7

Static

static

3

30a9babc4c...18.exe

windows7-x64

7

30a9babc4c...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    30a9babc4cbc6f244ef0930fbb25f239_JaffaCakes118

  • Size

    745KB

  • Sample

    241010-s8qn2ayemq

  • MD5

    30a9babc4cbc6f244ef0930fbb25f239

  • SHA1

    bca6877f4c30aa99d5648713c2e9720d16acc6ab

  • SHA256

    ab9531e9f9a9b3d4c22bfe17e653af78552bcca475655300c0bf39c3b0b9506f

  • SHA512

    b18c020af642747add2c15a6b7251a6c5d7546971deeba42146f9691d2179fe4fac922a5361b583773cbe0060bfc43af14a8d121d8062d06a7ed769475b8fb73

  • SSDEEP

    12288:K4S+2Dh5J/eD6qyV51p7sstpptHegRXWdWJnXYhJkw3GwgHBH+Z:m+8h5J/eGqM1pYsn7NRJnX7wl

Score
7/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      30a9babc4cbc6f244ef0930fbb25f239_JaffaCakes118

    • Size

      745KB

    • MD5

      30a9babc4cbc6f244ef0930fbb25f239

    • SHA1

      bca6877f4c30aa99d5648713c2e9720d16acc6ab

    • SHA256

      ab9531e9f9a9b3d4c22bfe17e653af78552bcca475655300c0bf39c3b0b9506f

    • SHA512

      b18c020af642747add2c15a6b7251a6c5d7546971deeba42146f9691d2179fe4fac922a5361b583773cbe0060bfc43af14a8d121d8062d06a7ed769475b8fb73

    • SSDEEP

      12288:K4S+2Dh5J/eD6qyV51p7sstpptHegRXWdWJnXYhJkw3GwgHBH+Z:m+8h5J/eGqM1pYsn7NRJnX7wl

    Score
    7/10
    discoverypersistencespywarestealerupx

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks