Overview

overview

10

Static

static

3

69309e7ccf...18.exe

windows7-x64

69309e7ccf...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    69309e7ccfcdd58d191622f6701853fb_JaffaCakes118

  • Size

    2.6MB

  • Sample

    240523-a5cnwsfc41

  • MD5

    69309e7ccfcdd58d191622f6701853fb

  • SHA1

    b0bc0d6164503604607b6add7c92b17830628632

  • SHA256

    4985a26e98836ea21b12dc9734060a16595cc182ef0aa9b0f859cd875d26f05a

  • SHA512

    1649970d2721e7662d14995f1a1a3ae1a31ef1a3d09345b7d30373eeb92464fc10cece85762ee6444a34bc94bc91036dc40f624516010b3b826026058b02c1d5

  • SSDEEP

    24576:avQnDQUMfHaSqFUPU29/Sjfx6qvrSdEI8W6L0a111I1110TTTYXXXjcA111KiO1D:4nHufvmdvLja111I1111111y111

Score
10/10
persistence

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://reporteriche.com/inst.php?id=02917

Targets

    • Target

      69309e7ccfcdd58d191622f6701853fb_JaffaCakes118

    • Size

      2.6MB

    • MD5

      69309e7ccfcdd58d191622f6701853fb

    • SHA1

      b0bc0d6164503604607b6add7c92b17830628632

    • SHA256

      4985a26e98836ea21b12dc9734060a16595cc182ef0aa9b0f859cd875d26f05a

    • SHA512

      1649970d2721e7662d14995f1a1a3ae1a31ef1a3d09345b7d30373eeb92464fc10cece85762ee6444a34bc94bc91036dc40f624516010b3b826026058b02c1d5

    • SSDEEP

      24576:avQnDQUMfHaSqFUPU29/Sjfx6qvrSdEI8W6L0a111I1110TTTYXXXjcA111KiO1D:4nHufvmdvLja111I1111111y111

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks