General

  • Target

    0fc99577838e88c5716b1f82c37e925c_JaffaCakes118

  • Size

    307KB

  • Sample

    240625-2km3nszgnr

  • MD5

    0fc99577838e88c5716b1f82c37e925c

  • SHA1

    8ddf27452ba5719909d5e91f2f6b2326efa9da20

  • SHA256

    4118fdc40c7c303fbb86506c624695f4b2325299ae068ede1123626a911f64a9

  • SHA512

    b9004750d2ed5c19ce63ea2a406ca9cc14f1918ccd9c6abbd19ef3b774dcca100cea8cad2cab2c9d81f23ab85c56e10ff8e4630164b25ec5728096c26ad10d0f

  • SSDEEP

    6144:r1/i/WUiZNgrQGEWtHV7vsbljlRyIklEDN6us/RxjWktIqnuAj/VGkCN9Wat:ZUalWtNc3RyZlEDN6us5xj935/VGtjt

Targets

    • Target

      0fc99577838e88c5716b1f82c37e925c_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
