General

  • Target

    171cbefc4179440572eb137b65db294e_JaffaCakes118

  • Size

    137KB

  • Sample

    240627-xe74favdng

  • MD5

    171cbefc4179440572eb137b65db294e

  • SHA1

    d6810733d3a576aa83d059f67716f4033778b73e

  • SHA256

    c08556d3e92cb3ce9146679255bf971c3e6289f59773a0b9fc6135459aad63ec

  • SHA512

    aeab5f7478593559a19fac99f1914be58962007fcf4dd682aa6acecb6f3e3c34ab2f3956779fa9d15e529f4f9382c9911b15426e6b814af146e05520d52c4cb7

  • SSDEEP

    1536:e4m5hdG78SadgsB6qAVmO1IrScroNmf97wNyic2fkf1a4HaBRr9wzdggaWL:eFk7xGgs8q9jf97y7c2fVYaBRBmgg
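
Before trusting the indicators below, confirm that the file on your disk is the same object the sandbox analysed. The following is an added example, not part of the report or of any sandbox tooling: it recomputes the MD5/SHA1/SHA256 of a local copy and compares them with the values listed above, and it parses the PE section table for the UPX0/UPX1/UPX! names that the "UPX packed file" signature keys on. `build_minimal_pe` is a constructed header-only fixture used for testing the parser; it is not the sample and does not execute. SSDEEP is left out because comparing it needs a non-standard library.

```python
import hashlib
import struct

# Hash values copied from the report above; the sample itself is not embedded here.
REPORT_HASHES = {
    "md5": "171cbefc4179440572eb137b65db294e",
    "sha1": "d6810733d3a576aa83d059f67716f4033778b73e",
    "sha256": "c08556d3e92cb3ce9146679255bf971c3e6289f59773a0b9fc6135459aad63ec",
}

# Default section names written by stock UPX. A repacker can rename them, so a
# miss here does not prove the file is unpacked; a hit is a strong hint.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX!"}


def hash_bytes(data: bytes) -> dict:
    """Return lowercase hex digests keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def hash_file(path: str) -> dict:
    with open(path, "rb") as fh:
        return hash_bytes(fh.read())


def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only if every hash listed in the report matches the local bytes."""
    actual = hash_bytes(data)
    return all(actual[alg] == digest for alg, digest in expected.items())


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]   # NumberOfSections
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]      # SizeOfOptionalHeader
    table = coff + 20 + size_opt                                 # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]           # 40-byte entries, 8-byte Name
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    return any(name in UPX_SECTION_NAMES for name in pe_section_names(data))


def build_minimal_pe(section_names) -> bytes:
    """Constructed test fixture: valid headers and section table only, no code."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    size_opt = 0xE0  # size of a PE32 optional header
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, size_opt, 0x0102)
    opt = b"\x0b\x01" + bytes(size_opt - 2)  # PE32 magic, rest zeroed
    sections = b"".join(struct.pack("<8s", n) + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + opt + sections


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read()
    print("hashes match report:", matches_report(blob))
    print("sections:", pe_section_names(blob), "upx-like:", looks_upx_packed(blob))
```

Run it as `python check_sample.py <path>`; a hash mismatch means you are looking at a different build or a tampered copy, and none of the behaviours listed in this report should be assumed to apply.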

Score
8/10

Malware Config

Targets

    • Target

      171cbefc4179440572eb137b65db294e_JaffaCakes118

    • Size

      137KB

    • MD5

      171cbefc4179440572eb137b65db294e

    • SHA1

      d6810733d3a576aa83d059f67716f4033778b73e

    • SHA256

      c08556d3e92cb3ce9146679255bf971c3e6289f59773a0b9fc6135459aad63ec

    • SHA512

      aeab5f7478593559a19fac99f1914be58962007fcf4dd682aa6acecb6f3e3c34ab2f3956779fa9d15e529f4f9382c9911b15426e6b814af146e05520d52c4cb7

    • SSDEEP

      1536:e4m5hdG78SadgsB6qAVmO1IrScroNmf97wNyic2fkf1a4HaBRr9wzdggaWL:eFk7xGgs8q9jf97y7c2fVYaBRBmgg

    Score
    8/10
    • Drops file in Drivers directory

    • Stops running service(s)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check before the payload runs.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Drops file in System32 directory
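
The behavioural signatures above are the result of rules applied to the sandbox's API trace. The block below is an added example, not the sandbox's own rule set or schema: it shows how the six dynamic signatures listed for this sample can be expressed as matching logic over a simplified, constructed trace format (one dict per observed action). The paths, PIDs and the `Control Panel\International\Geo\Nation` registry value used for the location check are assumptions for illustration; they are not taken from this report, which does not publish the raw trace.

```python
import re

# Constructed sample trace in a simplified format (not the sandbox's native
# schema). Each record is one API-level action attributed to a process.
SAMPLE_TRACE = [
    {"pid": 1234, "op": "file_write", "path": r"C:\Windows\System32\drivers\netfltr.sys"},
    {"pid": 1234, "op": "file_write", "path": r"C:\Windows\System32\wlhook.dll"},
    {"pid": 1234, "op": "file_write", "path": r"C:\Users\Public\update.exe"},
    {"pid": 1234, "op": "file_write", "path": r"C:\Users\Public\helper.dll"},
    {"pid": 1234, "op": "proc_create", "image": r"C:\Users\Public\update.exe", "cmdline": "update.exe /s"},
    {"pid": 5678, "op": "proc_create", "image": r"C:\Windows\System32\sc.exe", "cmdline": "sc stop WinDefend"},
    {"pid": 5678, "op": "image_load", "path": r"C:\Users\Public\helper.dll"},
    {"pid": 5678, "op": "reg_query", "key": r"HKCU\Control Panel\International\Geo", "value": "Nation"},
]

# Benign control trace: a document saved to the user's profile, nothing else.
BENIGN_TRACE = [
    {"pid": 4321, "op": "file_write", "path": r"C:\Users\alice\Documents\notes.txt"},
]

SYSTEM32 = re.compile(r"^[a-z]:\\windows\\system32\\", re.I)
DRIVERS = re.compile(r"^[a-z]:\\windows\\system32\\drivers\\", re.I)
SERVICE_STOP = re.compile(r"\b(?:sc|net)(?:\.exe)?\s+stop\b|\bstop-service\b", re.I)
GEO_KEY = r"\control panel\international\geo"  # assumed location of the Nation value


def match_signatures(trace) -> list:
    """Return the sorted set of signature names that fire on the trace.

    'Executes dropped EXE' and 'Loads dropped DLL' depend on ordering: the
    write must appear before the execute/load, as it would in a live trace.
    """
    hits = set()
    dropped = set()  # lowercase paths written by the sample so far
    for ev in trace:
        op = ev["op"]
        if op == "file_write":
            path = ev["path"]
            dropped.add(path.lower())
            if DRIVERS.match(path):
                hits.add("Drops file in Drivers directory")
            if SYSTEM32.match(path):
                hits.add("Drops file in System32 directory")
        elif op == "proc_create":
            if ev["image"].lower() in dropped:
                hits.add("Executes dropped EXE")
            if SERVICE_STOP.search(ev.get("cmdline", "")):
                hits.add("Stops running service(s)")
        elif op == "image_load":
            if ev["path"].lower() in dropped:
                hits.add("Loads dropped DLL")
        elif op == "reg_query":
            if ev["key"].lower().endswith(GEO_KEY) and ev.get("value", "").lower() == "nation":
                hits.add("Checks computer location settings")
    return sorted(hits)


if __name__ == "__main__":
    for name in match_signatures(SAMPLE_TRACE):
        print("-", name)
```

Two points worth keeping in mind when reading this kind of report: a write under `System32\drivers` satisfies both the Drivers and the System32 rules, so two listed signatures may come from a single file, and "Executes dropped EXE" only fires when the drop is observed in the same trace, so a payload fetched by a second stage outside the analysis window is missed.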

MITRE ATT&CK Enterprise v15

Tasks