Overview

overview

8

Static

static

3

34644cec73...18.exe

windows7-x64

8

34644cec73...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34644cec733aff31e7ab990ed1713171_JaffaCakes118

  • Size

    184KB

  • Sample

    240511-np8y2shb99

  • MD5

    34644cec733aff31e7ab990ed1713171

  • SHA1

    00955ecc036ca01745da57573950de26c144ac91

  • SHA256

    684190ce96411d5810c3919dba15aae7adc438f53395a746be91ad722bea7ab2

  • SHA512

    ea1416765024dcafe05529bb3658ee614fa26d92e602d773a6f769d169067a1a5569dc197250c87df5236b692403f49bdff2fd76010438a466c28111bc7f83dd

  • SSDEEP

    3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3D:/7BSH8zUB+nGESaaRvoB7FJNndnq

Score
8/10
execution

Malware Config

Targets

    • Target

      34644cec733aff31e7ab990ed1713171_JaffaCakes118

    • Size

      184KB

    • MD5

      34644cec733aff31e7ab990ed1713171

    • SHA1

      00955ecc036ca01745da57573950de26c144ac91

    • SHA256

      684190ce96411d5810c3919dba15aae7adc438f53395a746be91ad722bea7ab2

    • SHA512

      ea1416765024dcafe05529bb3658ee614fa26d92e602d773a6f769d169067a1a5569dc197250c87df5236b692403f49bdff2fd76010438a466c28111bc7f83dd

    • SSDEEP

      3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3D:/7BSH8zUB+nGESaaRvoB7FJNndnq

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

JavaScript

1
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks