Overview

overview

10

Static

static

5

JaffaCakes...f6.exe

windows7-x64

10

JaffaCakes...f6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e5b8188379f0b45c15b9d0bf084181f6

  • Size

    224KB

  • Sample

    250110-q1bh2axqhl

  • MD5

    e5b8188379f0b45c15b9d0bf084181f6

  • SHA1

    91518827a2d9a1ff1a1a12a619a43c5206344576

  • SHA256

    12df5f115fa6663fd4408d4064499eb7a3f3610b6ce76809484183c49241e1e4

  • SHA512

    c3feb253378a36a238efa220bc77c8a215404f3066d598a9343bc356a0207ad2c4413565c3fbe258324a870bfb809bee2ffde8d5cf38daaa18257030040ba5be

  • SSDEEP

    3072:vHjk+0oLnWFnzBHv/xWFsg8WatFBGFVWPE5ac0pG/1z+QVMbg1jm0+J:Po/BHng5HaVG4G/1z+QVMbg1jv+

Score
10/10
vobfusdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_e5b8188379f0b45c15b9d0bf084181f6

    • Size

      224KB

    • MD5

      e5b8188379f0b45c15b9d0bf084181f6

    • SHA1

      91518827a2d9a1ff1a1a12a619a43c5206344576

    • SHA256

      12df5f115fa6663fd4408d4064499eb7a3f3610b6ce76809484183c49241e1e4

    • SHA512

      c3feb253378a36a238efa220bc77c8a215404f3066d598a9343bc356a0207ad2c4413565c3fbe258324a870bfb809bee2ffde8d5cf38daaa18257030040ba5be

    • SSDEEP

      3072:vHjk+0oLnWFnzBHv/xWFsg8WatFBGFVWPE5ac0pG/1z+QVMbg1jm0+J:Po/BHng5HaVG4G/1z+QVMbg1jv+

    Score
    10/10
    vobfusdiscoverypersistenceupxworm

    • Vobfus

      A widespread worm which spreads via network drives and removable media.

      wormvobfus

    • Vobfus family

      vobfus

    • Adds policy Run key to start application

      persistence

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks