General

  • Target

    00a7dfedc55b85f394dd907a8f9ffa15_JaffaCakes118

  • Size

    20KB

  • Sample

    240619-1j6yqaxdnj

  • MD5

    00a7dfedc55b85f394dd907a8f9ffa15

  • SHA1

    5d85ea259ddd65c0aac0d7960044b1f386714bf7

  • SHA256

    481ee6a2f90c62160e6bc756167b19244b60c2b449032174247483b26edbfac1

  • SHA512

    b2282b567056be605eb7705fa4fbd02145cb58afbaa428bd7721c1ff1b80390b3ba71a13c517576b861c39f5977d1a024aca0be0c9f4b89608f9a8ee6387b83f

  • SSDEEP

    384:4m8w7O2vD/stps+Vf1zqehd7LL8jqNCIz+G6AVJxzQSXJQzI52:4Vw7O28pDt1zHjnLj4WB6lzU2

Score
8/10

Targets

    • Event Triggered Execution: Image File Execution Options Injection

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
