General

  • Target

    f77d852451ece8f8935dd72ebac14d02_JaffaCakes118

  • Size

    17KB

  • Sample

    240418-hnx79sea38

  • MD5

    f77d852451ece8f8935dd72ebac14d02

  • SHA1

    6edd561a62ac20acc58540dbf5eb5c784137db16

  • SHA256

    4308f2bf6b8eaee81a774a70cdd287d720f36b53f61123cdf12a28e2c003d19f

  • SHA512

    814b058fc4774a1ac926ff6152c13ec6e8ee3f6cfd6f11093c52357e21f10072c21c60ec3100145f9861bfe664f3c6476c7a0972674ead6fea593db5ae6b533d

  • SSDEEP

    384:TFX3YBoTcmZO2Zp+Nye8pqrmub8TyztsDN:T1IoToKK8o8TyJc

Score
8/10

Targets

    • Target

      f77d852451ece8f8935dd72ebac14d02_JaffaCakes118

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
