General

  • Target

    7d4c32d6cb113aedc60e6f6225a171f1_JaffaCakes118

  • Size

    10.1MB

  • Sample

    240528-rt6k9sab66

  • MD5

    7d4c32d6cb113aedc60e6f6225a171f1

  • SHA1

    c6ee7bdf6a5d0949bfdf0a0e9e35bd5068f729f6

  • SHA256

    049fc2018c02cf02f7b40a234544f1531f1bcb0c97b3b3ed3cb6bfbdce52d845

  • SHA512

    4ddf6ad0b04873c296db1492b55d11beb81baef6d5c9e4e6f588a26de60bc2b6ec3187a8ec788bf56e13cf14d37718a6b56129cea1c6289b5557e07722f89038

  • SSDEEP

    196608:GfbBUgj3wTAH0JzQyohFnQqKHWWmV82gMNnZ3XEW7teOyFa6IMyDjRLaF1yp8:GTBUG4JzQyUGmwEnVXFMfOmTyO

Malware Config

Targets

    • Zeus

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks