Overview

overview

8

Static

static

3

f6045930e3...18.exe

windows7-x64

8

f6045930e3...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f6045930e3ee687eb50001d358e9e3ab_JaffaCakes118

  • Size

    467KB

  • Sample

    240417-r52fpacg45

  • MD5

    f6045930e3ee687eb50001d358e9e3ab

  • SHA1

    26dd6b53c6ba15bca98e0fad864953cf5adfdc7f

  • SHA256

    45b9c9dcb8afafa8f0b52461a451b784466e4b565c54ec21fbc8e7f223dbde6a

  • SHA512

    6b9aa37e5f0be568bc6de06965b46b686de6ec17b5afe4014e2b87c69cb655d1484f17cea6433b927ad14470708f4aef11da193c6dbdb8e89dd6713c5338c021

  • SSDEEP

    6144:P9lyWIjfp5weud1e/cg2TzVJASsNqu6fqO9d9y5k/D1fmn7Z2HIQ5EPVJiPlWXjV:P4j6jeHMzLAV/6FDHx+YPEPVUWXjX

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      f6045930e3ee687eb50001d358e9e3ab_JaffaCakes118

    • Size

      467KB

    • MD5

      f6045930e3ee687eb50001d358e9e3ab

    • SHA1

      26dd6b53c6ba15bca98e0fad864953cf5adfdc7f

    • SHA256

      45b9c9dcb8afafa8f0b52461a451b784466e4b565c54ec21fbc8e7f223dbde6a

    • SHA512

      6b9aa37e5f0be568bc6de06965b46b686de6ec17b5afe4014e2b87c69cb655d1484f17cea6433b927ad14470708f4aef11da193c6dbdb8e89dd6713c5338c021

    • SSDEEP

      6144:P9lyWIjfp5weud1e/cg2TzVJASsNqu6fqO9d9y5k/D1fmn7Z2HIQ5EPVJiPlWXjV:P4j6jeHMzLAV/6FDHx+YPEPVUWXjX

    Score
    8/10
    evasionpersistenceupx

    • Disables Task Manager via registry modification

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks