Overview

overview

8

Static

static

1

4539583985...77.lnk

windows7-x64

8

4539583985...77.lnk

windows10-2004-x64

8

5548387593...04.lnk

windows7-x64

8

5548387593...04.lnk

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    a1cfad8ad69435eca6164af600e21c5c_JaffaCakes118

  • Size

    2KB

  • Sample

    240612-xebegazaqr

  • MD5

    a1cfad8ad69435eca6164af600e21c5c

  • SHA1

    3a6e0a1f853a7e42fcc900a745819ddf7a09a9e5

  • SHA256

    1f5134cea87a48b3bc41dd92ff1e60dedebd43b59af5778b8543a450ee985b08

  • SHA512

    f66aa4d4bf13245935f44ac53d60a9302106ce223b89e2283ffacafbd7ebbd65fb4346cb6e9e5e03c671285aeb750401259d1016828340eeb3cbefe329944fb1

Score
8/10
execution

Malware Config

Targets

    • Target

      453958398582039095432134646977.lnk

    • Size

      3KB

    • MD5

      095f0fd047ba5a64616ee51c725b6db1

    • SHA1

      fbbbfe3a51b90ce8ccfd41810ff5e85e1b257219

    • SHA256

      72ce7fadfe1e23d07ff07b3be5c7cdce369ef2bebf8bebddd312770434b3f8db

    • SHA512

      3c64432d78726da5645dc3dcb0fcedc8becffb2786a8a722ec520e0a429bd43097890da642d5287ec61d0610f656b3517b466aad74a5ef0b623dcd1a886c20c2

    Score
    8/10
    execution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      554838759395889439589308956904.lnk

    • Size

      3KB

    • MD5

      095f0fd047ba5a64616ee51c725b6db1

    • SHA1

      fbbbfe3a51b90ce8ccfd41810ff5e85e1b257219

    • SHA256

      72ce7fadfe1e23d07ff07b3be5c7cdce369ef2bebf8bebddd312770434b3f8db

    • SHA512

      3c64432d78726da5645dc3dcb0fcedc8becffb2786a8a722ec520e0a429bd43097890da642d5287ec61d0610f656b3517b466aad74a5ef0b623dcd1a886c20c2

    Score
    8/10
    execution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks