General

  • Target

    a79df0b5df8c0b4a0185d28c0f16a910_JaffaCakes118

  • Size

    411KB

  • Sample

    240614-b8zs9s1arc

  • MD5

    a79df0b5df8c0b4a0185d28c0f16a910

  • SHA1

    bf1423309404fb3c9a58ee9f7c62f8da564e0a34

  • SHA256

    88589ff9df936baabc4d0c837069c30507ca0dfe519fb296fe97073f11551810

  • SHA512

    3fdbcf5fa8d669ae86138f5bd3eac1f17773f3b440a5e27a6d2f659de223bff5f549044b173d6780eb67cfeadd6233cd8203169264313fa3a545dbcfc2700bae

  • SSDEEP

    12288:Y3nZMhJ+ubNJWn8qa/NxK4kbnOmcNirl7:Y3nZqfbvWnA/Rc7zV

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks