General

  • Target

    68f27c9ab94cc5e8b4e4791a77483b92_JaffaCakes118

  • Size

    221KB

  • Sample

    240522-23tm6sce3y

  • MD5

    68f27c9ab94cc5e8b4e4791a77483b92

  • SHA1

    7d87f8057b7395f0ebae5bb0a6195590a75d996f

  • SHA256

    16e5a758f95677cf94a64be3ac8c4f445a1d0b24238f62f157d08f395bf6d2ff

  • SHA512

    0cc2ed0826d9e78f514143b78d725d981b9597b65c0f809108e147e808f1a3748c06d3197db10ec0dccc5d53c6b3c09fff502a47d91fe892a29f008b0538fc8f

  • SSDEEP

    6144:YvJbcJTI7keZP00gL0D4lexuNp4dhxQ5Drh9okobQ:YvKJc7k5JcLuNp4dDI/h9okobQ

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 3

  • System Information Discovery (T1082): 4
