General

  • Target

    6d1d468b4a631cb8654812e6ae88084e_JaffaCakes118

  • Size

    555KB

  • Sample

    240524-dd5gdaag48

  • MD5

    6d1d468b4a631cb8654812e6ae88084e

  • SHA1

    d054f58b2e4603faaf42eb70c8b3da10ca59aa6b

  • SHA256

    df05b0cd5b7a8de3b6061e9afacd7d012adf25cbe079632031f277a11eedbd25

  • SHA512

    6969da15353e019a0fddd9065dd6260537145a351f0fcc014af234bf4d83ae0735613e485de7bff52fb7c492dddc6147f706c6b45aca7e5e311aca35cd4c8434

  • SSDEEP

    12288:jJfn9d2yFOpE0LCihZgqQZH6l2WiKhp68:dfn9d2yME0+izgNZHiikp68

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled
