General

  • Target

    fd291ecf1326b208eae79c1fc7f67f43_JaffaCakes118

  • Size

    477KB

  • Sample

    240420-t31sgsdb8v

  • MD5

    fd291ecf1326b208eae79c1fc7f67f43

  • SHA1

    fcae442561ea5d45389d647298c4a7429e0e7c6d

  • SHA256

    0537c7adb34de9fd5da85b57917ba4133c7ae94e3912cdcef55ea71a96eabc08

  • SHA512

    77679b663e1935a7910e3f94cea09b096e64aabebb183be98ce4dd4cd14eddcefd205dcb4dad292715dafb4ab35cea077ff0b1e5df825c772e7bb58aa8631a68

  • SSDEEP

    6144:MZ/Z/Z/Z/Z/Z/Z/Z/Z/Z/Z/ZweP1ZVI51yZAv:MBBBBBBBBBBBz1M51yZAv

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15