Overview

overview

7

Static

static

3

fbc3f0e790...18.exe

windows7-x64

7

fbc3f0e790...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fbc3f0e790aafbd7f5bf39e28317d6ef_JaffaCakes118

  • Size

    36KB

  • Sample

    240420-db5z5aed92

  • MD5

    fbc3f0e790aafbd7f5bf39e28317d6ef

  • SHA1

    f6ff9912af01302261fa7dfb98f71a85df5074ed

  • SHA256

    9fcfbb8851003bd433b7d81f8ae3d56dd0a81dd5a8607bca7d74d88756bd15ea

  • SHA512

    a4b0e08e6200d50653fefd4e87058734f76c4bcd40a71621712d0c6c59f2d514cd06428541f7363b0abeee51b4db5ce798888ab5d42ea82da66f024ce83e6382

  • SSDEEP

    768:vtFUkLj9F+J4pE+GtOlfSmC5znWOjgJASvfUbP/PF7S:lF5LjfI4pE+/fSHznvgGYfUjF7S

Score
7/10
upx

Malware Config

Targets

    • Target

      fbc3f0e790aafbd7f5bf39e28317d6ef_JaffaCakes118

    • Size

      36KB

    • MD5

      fbc3f0e790aafbd7f5bf39e28317d6ef

    • SHA1

      f6ff9912af01302261fa7dfb98f71a85df5074ed

    • SHA256

      9fcfbb8851003bd433b7d81f8ae3d56dd0a81dd5a8607bca7d74d88756bd15ea

    • SHA512

      a4b0e08e6200d50653fefd4e87058734f76c4bcd40a71621712d0c6c59f2d514cd06428541f7363b0abeee51b4db5ce798888ab5d42ea82da66f024ce83e6382

    • SSDEEP

      768:vtFUkLj9F+J4pE+GtOlfSmC5znWOjgJASvfUbP/PF7S:lF5LjfI4pE+/fSHznvgGYfUjF7S

    Score
    7/10
    upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks