General

  • Target

    29080b28f2ee098d4d66d19a45a32166_JaffaCakes118

  • Size

    207KB

  • Sample

    240706-v8j8cszbka

  • MD5

    29080b28f2ee098d4d66d19a45a32166

  • SHA1

    acf83ec49d717c73b5b0730bd4e389e159417716

  • SHA256

    26da9d68203be879c5a5fdd1bced6c98172ee47fd04f6511b53f6638fe2ba792

  • SHA512

    b89379182685077095688588c4b34553bc3daf0a95fb92d296e0bc36a494b10e50b67aca8099d71abe7a04d8f01a4c17205cc1285ad8fbf0120865747e445fa9

  • SSDEEP

    6144:m1l4uig3RKYBYacpGVEsfLY+gOODEvH2lus:luBBKkYpGpfkzzlT

Score
7/10

Targets

    • Target

      29080b28f2ee098d4d66d19a45a32166_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory
