General

  • Target

    0acc73d7b4c954350ad402407dc8d0f1_JaffaCakes118

  • Size

    255KB

  • Sample

    240624-1q75cstdqb

  • MD5

    0acc73d7b4c954350ad402407dc8d0f1

  • SHA1

    e0d789ace58871b2d8c45488623cb1e42c763ed2

  • SHA256

    a81a23ed93cc99953352cce68ae4b2c7bb03ae1a5f9baafd08b72b08acc4f3c9

  • SHA512

    44aa9667deb21fb1b6f94a9cf7dde541983875a186c1f9dac43a1dc87d0af6db4fd2083796ce71527c7b50f580fb3c607f29364b24df4115577e2196d8b13fe0

  • SSDEEP

    6144:Jq4PQ8O/fzVaGab8qs5eIFBiyt9qv+IdCGBAe+v/kzK1DMlQxHCVRQEI:Jq8tODLrqWe+Bdy2WCGBAe+vR1DMlQiD

Score
7/10
upx

Malware Config

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks