Overview

overview

8

Static

static

7

34fa892516...18.exe

windows7-x64

8

34fa892516...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34fa89251681e20c983317fef6d0690b_JaffaCakes118

  • Size

    374KB

  • Sample

    240710-q4mqgatena

  • MD5

    34fa89251681e20c983317fef6d0690b

  • SHA1

    fa1d1ba50253f02415b380b9ffa672ae20e9ac68

  • SHA256

    41d68c6c9c47fb2148a3c8c4fb6c631eb81fc740e5198ccd8b8a88f50db0dfd7

  • SHA512

    eb13dee4f5098b5300311cfe7cc49043d6711d861576f47dccd09937fc185d9e56dcaa694a955896f271c45d0d039d4dd9dfcbb68b0122d680c0599639a2efab

  • SSDEEP

    3072:v15GEu815GEu815GEu815N15GEu815GEuWQqy:t5GXu5GXu5GXu5n5GXu5GXD

Score
8/10
upx

Malware Config

Targets

    • Target

      34fa89251681e20c983317fef6d0690b_JaffaCakes118

    • Size

      374KB

    • MD5

      34fa89251681e20c983317fef6d0690b

    • SHA1

      fa1d1ba50253f02415b380b9ffa672ae20e9ac68

    • SHA256

      41d68c6c9c47fb2148a3c8c4fb6c631eb81fc740e5198ccd8b8a88f50db0dfd7

    • SHA512

      eb13dee4f5098b5300311cfe7cc49043d6711d861576f47dccd09937fc185d9e56dcaa694a955896f271c45d0d039d4dd9dfcbb68b0122d680c0599639a2efab

    • SSDEEP

      3072:v15GEu815GEu815GEu815N15GEu815GEuWQqy:t5GXu5GXu5GXu5n5GXu5GXD

    Score
    8/10
    upx

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks