General

  • Target

    1c8554957dbc1a306abb3761d4919673_JaffaCakes118

  • Size

    45KB

  • Sample

    240701-z3wrestfnn

  • MD5

    1c8554957dbc1a306abb3761d4919673

  • SHA1

    c4ec35261f35a44d4a0ffc3e31c8b492710d86a0

  • SHA256

    42b0825156a224597ef9cab4fb09dcbf194cee29379118b5016eed6f9a8f4162

  • SHA512

    94f73ddb06b6f0d4b29088138973c6f345d42f74175bc9f4a3ee05bdbe86009a33faae67a1fb970d5163ef634ff38e9a71fd5511e651f49116c36f28404d4077

  • SSDEEP

    768:5RVZwlepBH12mX3uN3aO74s9dcKDI0GZTg70Wq1qtewJJgzY4Dy2:5RAepBAmnuhN74k6GIhfWa8izY47

Score
8/10

Targets

    • Target

      1c8554957dbc1a306abb3761d4919673_JaffaCakes118

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
