General

  • Target

    3078621ae6e60b51c1e94b9903f8bfea_JaffaCakes118

  • Size

    5.2MB

  • Sample

    240709-p75j1swgrh

  • MD5

    3078621ae6e60b51c1e94b9903f8bfea

  • SHA1

    33f2fd716e80c1fa17985aac8116c5d8de22c3b8

  • SHA256

    88955b9d443971525aee2897dfbc00fd61ae40a8b9a247ce8169eba21a5c6789

  • SHA512

    711c687c8d93fa1ae55d4e9fd9982aa7a6a47c02ca5d68a24565400bbd8e97bcd6e81980339e7ad85049a90b4326353dc7409b227d6374a306a0345f02116627

  • SSDEEP

    24576:qN70pTqR+Xh03Bck/r+b7yPHEniwBATD:qaWmh03Br6bAHEnigMD

Score
10/10

Malware Config

Targets

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks