Overview

overview

8

Static

static

3

6bd853382d...18.exe

windows7-x64

8

6bd853382d...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6bd853382d3348142617153794ac6aa3_JaffaCakes118

  • Size

    184KB

  • Sample

    240523-wyr1wsbf4t

  • MD5

    6bd853382d3348142617153794ac6aa3

  • SHA1

    69459c8eb0b31858b738a8223872c2eeafb01e77

  • SHA256

    90c1a293e0e53e0bce3757aa6f0be2be93643c35566930788b2d091582f6ab62

  • SHA512

    ccaf2316595c470e2ce99b9d24c2cecf7a69bc11560d46e9639fe3e8e8bc850557ae74f7767baf3c13c3b3a5bbf97f7b4ff58c970df16432dc90481295b6e62b

  • SSDEEP

    3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3K:/7BSH8zUB+nGESaaRvoB7FJNndnP

Score
8/10
execution

Malware Config

Targets

    • Target

      6bd853382d3348142617153794ac6aa3_JaffaCakes118

    • Size

      184KB

    • MD5

      6bd853382d3348142617153794ac6aa3

    • SHA1

      69459c8eb0b31858b738a8223872c2eeafb01e77

    • SHA256

      90c1a293e0e53e0bce3757aa6f0be2be93643c35566930788b2d091582f6ab62

    • SHA512

      ccaf2316595c470e2ce99b9d24c2cecf7a69bc11560d46e9639fe3e8e8bc850557ae74f7767baf3c13c3b3a5bbf97f7b4ff58c970df16432dc90481295b6e62b

    • SSDEEP

      3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3K:/7BSH8zUB+nGESaaRvoB7FJNndnP

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

JavaScript

1
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks