General

  • Target

    087517cda95d9630a0cba4b824a28234_JaffaCakes118

  • Size

    92KB

  • Sample

    240624-pgvxwsvfqm

  • MD5

    087517cda95d9630a0cba4b824a28234

  • SHA1

    7d16ee8422b56c720561517d68cc41f997873369

  • SHA256

    a90f013f0c96b10c341af84260baa2ed09ca9b5ca6b1b79281f1ea623f7f854d

  • SHA512

    522a6b47c5fdee25c4111b32675c3f211dccc9bcbc9182242faf987fbba688b48c821579af172edf88c4a8fada18966846f0bd8c3b5b93aa9881f5ccd1dcc39e

  • SSDEEP

    1536:W7FDGo4K9Ty+ihfQxtQg1nhFc9pJpk+tCwmg+Q6buWkJ2/tnJs1vk1PsG4evCuJm:yDGACQxjJGJpTP65vFJOEvCam

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks