Overview

overview

8

Static

static

3

6d474f1348...18.exe

windows7-x64

8

6d474f1348...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6d474f134842ee31c5151a05ad103b27_JaffaCakes118

  • Size

    978KB

  • Sample

    240524-el5b1scd98

  • MD5

    6d474f134842ee31c5151a05ad103b27

  • SHA1

    bf5d2f6a8d3f8a0256249451dbe0955106e1e350

  • SHA256

    fe1966b9309fd5402c28bba4bb679bdeef259e8c96f6115bae50d0de37911e93

  • SHA512

    7f80922fde2bf89c355856e8392a2e538772ead295b5310b27dcd9e69bdefaf17cddd933c15ed3417f3df96e9967bea1c88928f8ae82bd94b7f4db06b736a969

  • SSDEEP

    24576:OlY9HsymIbmJO6eSzKnlV6cbsRG6ELOGf3:O+MyyGSGlVFDh3v

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      6d474f134842ee31c5151a05ad103b27_JaffaCakes118

    • Size

      978KB

    • MD5

      6d474f134842ee31c5151a05ad103b27

    • SHA1

      bf5d2f6a8d3f8a0256249451dbe0955106e1e350

    • SHA256

      fe1966b9309fd5402c28bba4bb679bdeef259e8c96f6115bae50d0de37911e93

    • SHA512

      7f80922fde2bf89c355856e8392a2e538772ead295b5310b27dcd9e69bdefaf17cddd933c15ed3417f3df96e9967bea1c88928f8ae82bd94b7f4db06b736a969

    • SSDEEP

      24576:OlY9HsymIbmJO6eSzKnlV6cbsRG6ELOGf3:O+MyyGSGlVFDh3v

    Score
    8/10
    discoverypersistence

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks