General

  • Target

    1ba2692bf72aeb79bf05cda89d7e94f1_JaffaCakes118

  • Size

    440KB

  • Sample

    240701-rrbm4szenk

  • MD5

    1ba2692bf72aeb79bf05cda89d7e94f1

  • SHA1

    e0240a7dc73d2d0702d67fd44e42a4a5634f6daa

  • SHA256

    f272eb0ee583d5d9fc96d145d1fee67f9c36d0ede9b8e6ab50077afaa8211539

  • SHA512

    52ff783e3db40d749886abd89ad54833abc69a0f8cee4d8c754d5ff9533aa28e862f916abdcd9c3bfb6189b027ba3dae8c01169b42e0f916782cb0357c2cc08e

  • SSDEEP

    6144:5ZunObR8sVImcyYC5Juz3jzB8kOQIq+3mxkyJIrC+J/pbKvCB23xqy7uXhY7pOK+:WK+mzs/6Y+4hupHQYyqXh6ZyDlDH5

Score
7/10
upx

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory
