Overview

overview

8

Static

static

3

b4f224555a...18.dll

windows7-x64

b4f224555a...18.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b4f224555a86f284b9362ba541225920_JaffaCakes118

  • Size

    95KB

  • Sample

    241130-fykc2strc1

  • MD5

    b4f224555a86f284b9362ba541225920

  • SHA1

    6be952d99c7a857c4a8806d60ec22c76e2206ece

  • SHA256

    1af823f117c957da22ceac84cbc2adeaa836977ed0cc3e2d4d1c4670d93bd826

  • SHA512

    3a7927f71c80d59a8852113a4f914b617e3a69fbac42236dd82a5d7e9c291716574fd7bfe8c7108175e36ebe210fdbb9eed09426b2fa38a7aacc78d97b723fc7

  • SSDEEP

    1536:jCNmUOWTi0OFAAK1m3FJ/4RTQg2ImVFiLDbcOT5QSQj1d1fr:GTPOaAKsFJQRTQPIQOTyjh

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      b4f224555a86f284b9362ba541225920_JaffaCakes118

    • Size

      95KB

    • MD5

      b4f224555a86f284b9362ba541225920

    • SHA1

      6be952d99c7a857c4a8806d60ec22c76e2206ece

    • SHA256

      1af823f117c957da22ceac84cbc2adeaa836977ed0cc3e2d4d1c4670d93bd826

    • SHA512

      3a7927f71c80d59a8852113a4f914b617e3a69fbac42236dd82a5d7e9c291716574fd7bfe8c7108175e36ebe210fdbb9eed09426b2fa38a7aacc78d97b723fc7

    • SSDEEP

      1536:jCNmUOWTi0OFAAK1m3FJ/4RTQg2ImVFiLDbcOT5QSQj1d1fr:GTPOaAKsFJQRTQPIQOTyjh

    Score
    8/10
    discoverypersistenceupx

    • Blocklisted process makes network request

    • Server Software Component: Terminal Services DLL

      persistence

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks