General

  • Target

    6971ab9c648a3e57f7409af96925fd6d_JaffaCakes118

  • Size

    292KB

  • Sample

    240523-cwspvsae4x

  • MD5

    6971ab9c648a3e57f7409af96925fd6d

  • SHA1

    7a5a275f037c4c80aba907d29529e8c20776dfa8

  • SHA256

    8369b512ba2549aa16b99995b8363246d78b5245f6db2ba7806f103e3f6147ca

  • SHA512

    a72d9f17f1e73eb83a93540a1ce3e11dca4dcf3227186351bbdee9b423a7c81a26bc65ff64c502ff84ef2bf8d154e2238d6b39a9e493d0224f94bd7b18e36659

  • SSDEEP

    6144:ranPst8v78IwA7I97x4fg+8t9d5Z0DRUIH0xsNJEa:roPstEPwA7I9750Nz0ONJEa

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks