General

  • Target

    27b7f18f30f2b476f82b125c4c1f82dd_JaffaCakes118

  • Size

    552KB

  • Sample

    240706-h8wj6szhkq

  • MD5

    27b7f18f30f2b476f82b125c4c1f82dd

  • SHA1

    c5c8711cd86a8d8ab893d69339d7d7636a09591a

  • SHA256

    76462ae7e52f20c9e440e0475b44741146e3ae17553afe473d0d56decdead49f

  • SHA512

    75d00e02008add5931a3b768ffbf8e02b0cd22f207c7a69cba41cce54a4d1caa04fa41e8b4535fef7976c88dbcc140805ee2e9a85f1b06371242c9b55de78ef5

  • SSDEEP

    12288:ILtcLzJxRfzAVTaB0UW8XUQz3X/bTxj86nscz28V:IiJxag++Bz/b9jjscr

Score
9/10

Malware Config

Targets

    • Target

      27b7f18f30f2b476f82b125c4c1f82dd_JaffaCakes118

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
