General

  • Target

    f9c3b77a36cd4a5b29164bce10379b1b_JaffaCakes118

  • Size

    608KB

  • Sample

    240419-hvm1wacd31

  • MD5

    f9c3b77a36cd4a5b29164bce10379b1b

  • SHA1

    5e5118c1bbb0819206c234c816bab8904172a90a

  • SHA256

    b04a9ea64a2c132f5c5db594331fd81508f782bb4314f3e192ca2b28cc49a164

  • SHA512

    6de7f68f26148ff8072334e6ac6b51699d6f83e83cd3462542fe6f13b10f280b54dc07a72b10a2db95b047b75145df72f45392460dc2e1d5907c7ffba47fa1e4

  • SSDEEP

    12288:ZbomOkmSemqdzZbOys2f+2/uN9o+TS0itdwPfqNh2EB8e:ZleZlns2f+NjocitdxUEBv

Score
7/10

Targets

    • Target

      f9c3b77a36cd4a5b29164bce10379b1b_JaffaCakes118

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
