Overview

overview

10

Static

static

3

JaffaCakes...8c.exe

windows7-x64

7

JaffaCakes...8c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_26e44d8181ad3a379fab42b8047a2b115fc968f0d34d3e17af6d4c772846cd8c

  • Size

    738.0MB

  • Sample

    241222-yjpy4axjgv

  • MD5

    06b546702677e85f237d31533d59ebdd

  • SHA1

    f1765a9e3e3127cf6ddcdaa50de09a8e3da08529

  • SHA256

    26e44d8181ad3a379fab42b8047a2b115fc968f0d34d3e17af6d4c772846cd8c

  • SHA512

    93c65ed2e6f937b6e3b30dbee56b1493aca3bf1fde5e8e22a12d5c046216817b81c2265b84310c685640084eba55832cca4fa11196e575706cc677ea8713e8fe

  • SSDEEP

    24576:pOWmAFb8/ELdt9Mcp/D8mh93J/y4kBB99abgklaJAJ4UAD8P6OFB:pFLdRp/19Z/KBvaOASUy8Pbz

Score
10/10
vidardiscoverystealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_26e44d8181ad3a379fab42b8047a2b115fc968f0d34d3e17af6d4c772846cd8c

    • Size

      738.0MB

    • MD5

      06b546702677e85f237d31533d59ebdd

    • SHA1

      f1765a9e3e3127cf6ddcdaa50de09a8e3da08529

    • SHA256

      26e44d8181ad3a379fab42b8047a2b115fc968f0d34d3e17af6d4c772846cd8c

    • SHA512

      93c65ed2e6f937b6e3b30dbee56b1493aca3bf1fde5e8e22a12d5c046216817b81c2265b84310c685640084eba55832cca4fa11196e575706cc677ea8713e8fe

    • SSDEEP

      24576:pOWmAFb8/ELdt9Mcp/D8mh93J/y4kBB99abgklaJAJ4UAD8P6OFB:pFLdRp/19Z/KBvaOASUy8Pbz

    Score
    10/10
    discoveryupxvidarstealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks