Overview

overview

7

Static

static

3

7e509afa2b...18.exe

windows7-x64

7

7e509afa2b...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.exe

windows7-x64

1

$PLUGINSDI...er.exe

windows10-2004-x64

6

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7e509afa2b8425b8c9618ccf20ca1f67_JaffaCakes118

  • Size

    254KB

  • Sample

    240528-zdkmvsbc4t

  • MD5

    7e509afa2b8425b8c9618ccf20ca1f67

  • SHA1

    1668fa3e73cbc91b3ccdf5d8977e16ca201d3ce2

  • SHA256

    cad72d1d5aec829038a3206a3e5d55f33d2238d65541e7e660597be0c047d1cc

  • SHA512

    ce5d596f194f306ff34ffb410e0676b1fc235b3f77d70ee60fe96603b95720275e9ce29915d5dfe741ccbd4ac7dd4b73147c799c481947a1db4f3094c458f311

  • SSDEEP

    6144:FsaocyLCXr2QxeUPpbNdV0g74E/hJQAjDUfK9uX/:FtobcygeMp/OuLPQwQLv

Score
7/10

Malware Config

Targets

    • Target

      7e509afa2b8425b8c9618ccf20ca1f67_JaffaCakes118

    • Size

      254KB

    • MD5

      7e509afa2b8425b8c9618ccf20ca1f67

    • SHA1

      1668fa3e73cbc91b3ccdf5d8977e16ca201d3ce2

    • SHA256

      cad72d1d5aec829038a3206a3e5d55f33d2238d65541e7e660597be0c047d1cc

    • SHA512

      ce5d596f194f306ff34ffb410e0676b1fc235b3f77d70ee60fe96603b95720275e9ce29915d5dfe741ccbd4ac7dd4b73147c799c481947a1db4f3094c458f311

    • SSDEEP

      6144:FsaocyLCXr2QxeUPpbNdV0g74E/hJQAjDUfK9uX/:FtobcygeMp/OuLPQwQLv

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/installer.exe

    • Size

      198KB

    • MD5

      7950260db65cd017c5cf1b925d2fcd83

    • SHA1

      6695ec132f781e2cabf880fe25068cbe0a75a761

    • SHA256

      2b18da136c09287e5a8e29821b1301e11bfd0a8c7d5633b63a115681adbc9edc

    • SHA512

      ed98e20dc18c4fcb249d8a057cf0856d3cd48012218e95053672e8113c310e8f524b33139a6064e5593551e69b5db04a958bbda1a9aeca4b850b34a31e9f5356

    • SSDEEP

      3072:dVWmJrXiQbfVka6dvzuxB5fNibXda0gXvF1UoG6MtEGqPuxKIC+xsFoxU1CFWe16:d/S4kamSfzh91c4vPuxKIBxsaM87pi

    Score
    6/10

    • Drops desktop.ini file(s)

    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      8KB

    • MD5

      249ae678f0dac4c625c6de6aca53823a

    • SHA1

      6ac2b9e90e8445fed4c45c5dbf2d0227cd3b5201

    • SHA256

      7298024a36310b7c4c112be87b61b62a0b1be493e2d5252a19e5e976daf674ce

    • SHA512

      66e4081a40f3191bf28b810cf8411cb3c8c3e3ec5943e18d6672414fb5e7b4364f862cba44c9115c599ac90890ef02a773e254e7c979e930946bc52b0693aad7

    • SSDEEP

      192:r/QeHNWSvUTfWdXw08LYKFaynLb3MRlbOVlR:7jBvwudT8LJxnnMRlyVlR

    Score
    3/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks