Overview

overview

10

Static

static

3

40c2b2056b...18.exe

windows7-x64

10

40c2b2056b...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    40c2b2056ba60b4cfc18302c65c21cea_JaffaCakes118

  • Size

    177KB

  • Sample

    241013-tewtmayhmq

  • MD5

    40c2b2056ba60b4cfc18302c65c21cea

  • SHA1

    7509dd138fee3260904ab4e2c0d87fda3dcbd453

  • SHA256

    aa0afe12b901bd1505ec060a90e18a3ee4e500db32adea6c08ff481e0ad45f81

  • SHA512

    256c58f368c3ebb917d3a8804c81f3480a7ca268b54e63983be2e8097b28d242de837781f1910b37b766106ed6eb08f2e32ec3e005d1c8043173b93084094492

  • SSDEEP

    3072:jLvMI//BH7+q/tPdu2WhOIHbXroa0IqNJwBPigR2GeDQgK3F1Tvk0nKxW4a/:Xv/Hh+q1FApbrL03Paqy9hsWKxW//

Score
10/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      40c2b2056ba60b4cfc18302c65c21cea_JaffaCakes118

    • Size

      177KB

    • MD5

      40c2b2056ba60b4cfc18302c65c21cea

    • SHA1

      7509dd138fee3260904ab4e2c0d87fda3dcbd453

    • SHA256

      aa0afe12b901bd1505ec060a90e18a3ee4e500db32adea6c08ff481e0ad45f81

    • SHA512

      256c58f368c3ebb917d3a8804c81f3480a7ca268b54e63983be2e8097b28d242de837781f1910b37b766106ed6eb08f2e32ec3e005d1c8043173b93084094492

    • SSDEEP

      3072:jLvMI//BH7+q/tPdu2WhOIHbXroa0IqNJwBPigR2GeDQgK3F1Tvk0nKxW4a/:Xv/Hh+q1FApbrL03Paqy9hsWKxW//

    Score
    10/10
    discoverypersistencespywarestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks