General

  • Target

    ce2df774facb09524a93b95c6d6eaee1_JaffaCakes118

  • Size

    15.9MB

  • Sample

    240405-j1er5afa71

  • MD5

    ce2df774facb09524a93b95c6d6eaee1

  • SHA1

    5b057cc52bcdca8bcb3ad650daeeb34637bcab3e

  • SHA256

    83244a20564b57c17ead72ecc0ab3d72dc6c2027127dd7cdef53eabfd779137c

  • SHA512

    5102c65f74fab779362e7f2d357ce3e8fc4320441d4b6ffbff99adec019e5f634802361063caa922d30b54fc4a8ebe896bfe25538bac8350eace30cf6e235469

  • SSDEEP

    393216:Mg7uOg7uOg7uOg7uOg7uOg7uOg7uOg7uN:xSDSDSDSDSDSDSDSN

Score
7/10

Malware Config

Targets

    • Target

      ce2df774facb09524a93b95c6d6eaee1_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks