Overview

overview

8

Static

static

7

3285450677...18.exe

windows7-x64

8

3285450677...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3285450677e921b1b266bae9f1454838_JaffaCakes118

  • Size

    133KB

  • Sample

    240709-3115xatepl

  • MD5

    3285450677e921b1b266bae9f1454838

  • SHA1

    3770f2bda71a6e46b87b0d97f3dadc0726b741b8

  • SHA256

    0533b9330a60da8c7f8de8587ce3437d6b0f34c17c089bffe730d8e828279c80

  • SHA512

    a9cbf292510f2cff9ee280aa7dc7a4b6c52d90be7f12c8751027663d7dbc1d9ce7fb520272a0d24b840d56c2e38c18cce6fee94b4adbbdf2e1fce9396086abcd

  • SSDEEP

    3072:3gYRvksstTEq4Fn5f6J/cRLcfdcDjpg1P5SQRzI:3gAOt4q4l5f4cRofGB0gQFI

Score
8/10
evasiontrojanupx

Malware Config

Targets

    • Target

      3285450677e921b1b266bae9f1454838_JaffaCakes118

    • Size

      133KB

    • MD5

      3285450677e921b1b266bae9f1454838

    • SHA1

      3770f2bda71a6e46b87b0d97f3dadc0726b741b8

    • SHA256

      0533b9330a60da8c7f8de8587ce3437d6b0f34c17c089bffe730d8e828279c80

    • SHA512

      a9cbf292510f2cff9ee280aa7dc7a4b6c52d90be7f12c8751027663d7dbc1d9ce7fb520272a0d24b840d56c2e38c18cce6fee94b4adbbdf2e1fce9396086abcd

    • SSDEEP

      3072:3gYRvksstTEq4Fn5f6J/cRLcfdcDjpg1P5SQRzI:3gAOt4q4l5f4cRofGB0gQFI

    Score
    8/10
    evasiontrojanupx

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks