Overview

overview

8

Static

static

3

0e60435c6f...18.exe

windows7-x64

8

0e60435c6f...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    0e60435c6fa5618edb885afb3c58c357_JaffaCakes118

  • Size

    378KB

  • Sample

    240625-rjttqaxenr

  • MD5

    0e60435c6fa5618edb885afb3c58c357

  • SHA1

    70dc0cf41aabe132bec17e6ead5e3d9e9ced8e36

  • SHA256

    87951527a63fac966f324671d105d17fd2fcc9677d985257ee57528301c451a5

  • SHA512

    aea454a4270ce6cba6d65902b8aef41bd6c622b8a35e24e3124c869c7bea03526483881a0b75efad15f65a0c5c9389adf15c8bca7766867b661d3ae967599b1b

  • SSDEEP

    6144:LgtM9UUj4PHjMb16E3oGMRk/dRzEdoAxdoovaRMO2IpqH9mm2AH8n5LLyMU7w9aX:M2OMb16E3om/HEdoATraRDpqHiAH8n5s

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      0e60435c6fa5618edb885afb3c58c357_JaffaCakes118

    • Size

      378KB

    • MD5

      0e60435c6fa5618edb885afb3c58c357

    • SHA1

      70dc0cf41aabe132bec17e6ead5e3d9e9ced8e36

    • SHA256

      87951527a63fac966f324671d105d17fd2fcc9677d985257ee57528301c451a5

    • SHA512

      aea454a4270ce6cba6d65902b8aef41bd6c622b8a35e24e3124c869c7bea03526483881a0b75efad15f65a0c5c9389adf15c8bca7766867b661d3ae967599b1b

    • SSDEEP

      6144:LgtM9UUj4PHjMb16E3oGMRk/dRzEdoAxdoovaRMO2IpqH9mm2AH8n5LLyMU7w9aX:M2OMb16E3om/HEdoATraRDpqHiAH8n5s

    Score
    8/10
    persistenceupx

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks