General

  • Target

    014db85420a921382d321184db327c69_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240426-v7ftjsgf73

  • MD5

    014db85420a921382d321184db327c69

  • SHA1

    6a8a3c75601bf44e30158ae6f7779c7aaa7b20ff

  • SHA256

    3dc3699b2ac64f4cba23a4f9964b1e0e4db1895115eddb19b941461eae9096fe

  • SHA512

    8694475e1a2e072cbcedfaacd4e73f252360c8b94e4b56bdd5e6f68d4781de8de1e321e70ce96335edcb3c8439052921eee06402c533cc8ba643c39bde0f401d

  • SSDEEP

    24576:M2O/GlMKQg1ifcsLgoQAhmoHdQ77H/VmoK7gh8/pIHQ1n:USwpEWPqPmW8/p8un

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks