General

  • Target

    45c47be6a5bcf9ac24831a78dd036910_JaffaCakes118

  • Size

    225KB

  • Sample

    241015-eqxsqstfph

  • MD5

    45c47be6a5bcf9ac24831a78dd036910

  • SHA1

    1a948e83609f9eca2121933f49737458c014f831

  • SHA256

    7c5a1f878e8d1ed4cd593140ac20c7dd843f9422aca9ef538d8664933f0619a8

  • SHA512

    92dc3b8d439ca0180bace8d4f1f508fb9dad750889011cbbc1dd1f68dde2304cb9e2f8e141f1a9ce369ddfa9a196a94c4dbd74bfdd31b6cd6613008de6f7137b

  • SSDEEP

    6144:/LGatnZfeFoKpdtxO8opzMaB46UYddEQL33o:/LVt5AdtM5MaOxYvEQL3

Targets

    • Target

      45c47be6a5bcf9ac24831a78dd036910_JaffaCakes118

    • Blocklisted process makes network request

      A process whose image name is on the sandbox's blocklist of commonly abused system binaries issued a network request during the run.

    • Server Software Component: Terminal Services DLL

      The sample writes to the Terminal Services (TermService) service DLL setting, the persistence location ATT&CK catalogues as T1505.005 (Server Software Component: Terminal Services DLL).

    • Loads dropped DLL

      A DLL that the sample wrote to disk during the run was subsequently loaded into a process.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build, typically from the UPX0/UPX1 section names and the "UPX!" marker left in the image.
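
The "Checks installed software" signature above fires on enumeration of the Uninstall registry keys. The following is an added example, not the sandbox's own signature logic, that applies the same idea to a constructed registry-API trace: it flags a process that enumerates the Uninstall root (RegEnumKeyEx) or reads several Uninstall subkeys, including the WOW6432Node and HKEY_CURRENT_USER variants. The trace format ("pid api key [value]"), the process IDs, the GUID and the product names are all made up for the example.

```python
"""Detect Uninstall-key enumeration in a (constructed) registry API trace."""
import re
from dataclasses import dataclass, field

# Matches the Uninstall root or one of its direct subkeys under HKLM\SOFTWARE,
# HKLM\SOFTWARE\WOW6432Node or HKCU\Software. The key must END at the Uninstall
# root or one subkey deeper; the optional group captures the subkey name.
UNINSTALL_KEY = re.compile(
    r"\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall"
    r"(?:\\(?P<sub>[^\\]+))?$",
    re.IGNORECASE,
)

# Constructed sandbox API trace (assumed format, not a real log):
#   <pid> <api> <key> [<value>]   (keys contain no spaces in this format)
SAMPLE_TRACE = r"""
1234 RegOpenKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
1234 RegOpenKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1234 RegEnumKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1234 RegOpenKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-1111-2222-3333-444444444444}
1234 RegQueryValueExW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-1111-2222-3333-444444444444} DisplayName
1234 RegOpenKeyExW HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ExampleTool
1234 RegQueryValueExW HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ExampleTool DisplayName
5678 RegOpenKeyExW HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExampleApp
"""


@dataclass
class UninstallAccess:
    """Per-process summary of Uninstall-key activity."""
    pid: int
    enumerated_root: bool = False          # RegEnumKeyEx on the Uninstall root itself
    subkeys: set = field(default_factory=set)      # distinct Uninstall\<subkey> names touched
    values_read: set = field(default_factory=set)  # value names queried under those subkeys

    @property
    def flagged(self) -> bool:
        # Enumerating the root, or walking more than one product entry, is the
        # "inventory installed software" pattern; a single lookup of one key is
        # ordinary installer/updater behaviour and is not flagged.
        return self.enumerated_root or len(self.subkeys) >= 2


def parse_trace(trace: str) -> dict:
    """Group Uninstall-key accesses by pid; returns {pid: UninstallAccess}."""
    findings = {}
    for line in trace.splitlines():
        parts = line.strip().split(None, 3)
        if len(parts) < 3:
            continue  # blank or malformed line in the constructed format
        pid, api, key = int(parts[0]), parts[1], parts[2]
        value = parts[3] if len(parts) == 4 else None
        match = UNINSTALL_KEY.search(key)
        if not match:
            continue
        finding = findings.setdefault(pid, UninstallAccess(pid))
        subkey = match.group("sub")
        if subkey is None and api.lower().startswith("regenumkey"):
            finding.enumerated_root = True
        elif subkey is not None:
            finding.subkeys.add(subkey)
            if value is not None:
                finding.values_read.add(value)
    return findings


def flagged_pids(trace: str) -> list:
    """PIDs whose Uninstall-key activity looks like software inventory."""
    return sorted(pid for pid, f in parse_trace(trace).items() if f.flagged)


if __name__ == "__main__":
    for pid, f in parse_trace(SAMPLE_TRACE).items():
        print(pid, "FLAGGED" if f.flagged else "ok", sorted(f.subkeys), sorted(f.values_read))
```

Read-only registry access is not logged by Sysmon (its registry events cover create, set and delete), so this kind of check needs an API-level trace such as a sandbox produces; on a live host the closest equivalents are ETW registry providers or EDR telemetry.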

MITRE ATT&CK Enterprise v15