Overview

overview

8

Static

static

3

3443262cf8...18.exe

windows7-x64

8

3443262cf8...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3443262cf83abba89b696e5dfe9ba9ed_JaffaCakes118

  • Size

    184KB

  • Sample

    240511-m5mkbadd9t

  • MD5

    3443262cf83abba89b696e5dfe9ba9ed

  • SHA1

    18038c92d7cf01a176ae01c5ae9fcf37060bdca3

  • SHA256

    51bf80877abb5b623e96d31d9da3ca395b17b6897fe49704e0104199af9616e6

  • SHA512

    e9fde259e564fc7d42f68709a50811caaf9fea0b00102c7b9dfdf34fd7c5dc8d00d584cf8b7c03e58db45b5375e2e6cc4d554da3bf39fdd7a928268401b176ee

  • SSDEEP

    3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Y54:/7BSH8zUB+nGESaaRvoB7FJNndnD54

Score
8/10
execution

Malware Config

Targets

    • Target

      3443262cf83abba89b696e5dfe9ba9ed_JaffaCakes118

    • Size

      184KB

    • MD5

      3443262cf83abba89b696e5dfe9ba9ed

    • SHA1

      18038c92d7cf01a176ae01c5ae9fcf37060bdca3

    • SHA256

      51bf80877abb5b623e96d31d9da3ca395b17b6897fe49704e0104199af9616e6

    • SHA512

      e9fde259e564fc7d42f68709a50811caaf9fea0b00102c7b9dfdf34fd7c5dc8d00d584cf8b7c03e58db45b5375e2e6cc4d554da3bf39fdd7a928268401b176ee

    • SSDEEP

      3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Y54:/7BSH8zUB+nGESaaRvoB7FJNndnD54

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

JavaScript

1
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks