General

  • Target

    76698b4c0ed5b3a867e15a969e597489_JaffaCakes118

  • Size

    1000KB

  • Sample

    240526-w3w6eafd7y

  • MD5

    76698b4c0ed5b3a867e15a969e597489

  • SHA1

    69a2c81bb929a5f6ba018db96bc0c8cfc3fb21bc

  • SHA256

    59f37317df6bcd623adee54e2f223ec19498ce2c7243b49c5842800403e37b4b

  • SHA512

    07164905f38369e5fc4c84b783428c79f9c3a8ce0ab0184afce24fca01d148108fc7ecaa79c90846e4a1aa48a161964a5e8adfdb0e2e8f11efe8bc5a0ecd81b3

  • SSDEEP

    24576:UjnDy6ovi0eHrrvploqLptvIzPcZGSZNB++OuhMbb:UjDgtkrxlospWcZddGLP

Score
7/10

Targets

    • Target

      facture.pdf.exe

    • Size

      1.1MB

    • MD5

      33bbff3ddce1b5549a0fe651a597484d

    • SHA1

      5c3112180ff1402e487cf60e0764002c4fb4985a

    • SHA256

      f6409eeb12e6b1171fc99cbb9ac4c4cd668bf42d2b3d426965f6ca1d2b01959f

    • SHA512

      40690266e6e879916c615b195a13d03c0156973b3e54ce55ecaa6e5e3bd51f6b58703ecb99c40003a189bccc6e39c27be7b63c46cd8747c3a5c8e8d15326b5b1

    • SSDEEP

      24576:62vlUs5Pm6fXrnpSm3D0EcosRatFaODMn4iLTFV/KW:622A+6znMwJHFaFnZ/KW

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
