Overview

overview

8

Static

static

1

0cf7d10cbe...18.exe

windows7-x64

8

0cf7d10cbe...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    0cf7d10cbed5e01561576a28cdb97686_JaffaCakes118

  • Size

    733KB

  • Sample

    240625-gxexlsxdnl

  • MD5

    0cf7d10cbed5e01561576a28cdb97686

  • SHA1

    123e73ae1027feed3370f72ff8699d4bb267b880

  • SHA256

    9e48635f105b8501d721560da3f3dede9f5d3fd58564b14ba998b581ad48c281

  • SHA512

    f2f6bf8f410f631e4bd4ce7b200911cc8fd82910f7820ac543dc7756670d41743732c4bbc3f5730807b2f7d16b2145a4e05707f4814d16362936148b1f08f469

  • SSDEEP

    12288:13Fpj4rBRLukn+zKg2oOR2OQl5/AdmxQDgGeItGBV07XpWZhASRXHYnrmB:1VpUFRUgoOwOY5/AqQlFtWVAqRXHYrmB

Score
8/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      0cf7d10cbed5e01561576a28cdb97686_JaffaCakes118

    • Size

      733KB

    • MD5

      0cf7d10cbed5e01561576a28cdb97686

    • SHA1

      123e73ae1027feed3370f72ff8699d4bb267b880

    • SHA256

      9e48635f105b8501d721560da3f3dede9f5d3fd58564b14ba998b581ad48c281

    • SHA512

      f2f6bf8f410f631e4bd4ce7b200911cc8fd82910f7820ac543dc7756670d41743732c4bbc3f5730807b2f7d16b2145a4e05707f4814d16362936148b1f08f469

    • SSDEEP

      12288:13Fpj4rBRLukn+zKg2oOR2OQl5/AdmxQDgGeItGBV07XpWZhASRXHYnrmB:1VpUFRUgoOwOY5/AqQlFtWVAqRXHYrmB

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks