Overview

overview

8

Static

static

1

167e1a7d36...18.exe

windows7-x64

8

167e1a7d36...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    167e1a7d36d2d6957364b5d150cf89f6_JaffaCakes118

  • Size

    733KB

  • Sample

    240627-sp6k5sxcrb

  • MD5

    167e1a7d36d2d6957364b5d150cf89f6

  • SHA1

    43e4ae00543f898d16a48abfb95b72778097ce99

  • SHA256

    aa4d81e7a9b2d05d4a862037881388086e1dbf925c293b04505998ae4f629e78

  • SHA512

    056a153c09a1aaf729925157b6a17d871df8a5797f9c91a407e39c5832ac476cfc4ee9e641f1fcc0f32769b08820fd3c6d2aad093160b6c5928aff0b48a0b750

  • SSDEEP

    12288:13Fpj4rBRLukn+zKg2oOR2OQl5vAdmxQDgGeItGBV07XpWZhASRXHYnrm0:1VpUFRUgoOwOY5vAqQlFtWVAqRXHYrm0

Score
8/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      167e1a7d36d2d6957364b5d150cf89f6_JaffaCakes118

    • Size

      733KB

    • MD5

      167e1a7d36d2d6957364b5d150cf89f6

    • SHA1

      43e4ae00543f898d16a48abfb95b72778097ce99

    • SHA256

      aa4d81e7a9b2d05d4a862037881388086e1dbf925c293b04505998ae4f629e78

    • SHA512

      056a153c09a1aaf729925157b6a17d871df8a5797f9c91a407e39c5832ac476cfc4ee9e641f1fcc0f32769b08820fd3c6d2aad093160b6c5928aff0b48a0b750

    • SSDEEP

      12288:13Fpj4rBRLukn+zKg2oOR2OQl5vAdmxQDgGeItGBV07XpWZhASRXHYnrm0:1VpUFRUgoOwOY5vAqQlFtWVAqRXHYrm0

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks