Overview

overview

7

Static

static

3

3636117b74...18.exe

windows7-x64

7

3636117b74...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    3636117b747fba6610910f8b2a55b9a2_JaffaCakes118

  • Size

    150KB

  • Sample

    240710-yzkdjszfpg

  • MD5

    3636117b747fba6610910f8b2a55b9a2

  • SHA1

    b5d6d7ed8ddce34af738061e92ba4a8f2b7b77f3

  • SHA256

    4ac44abb426f97ddf05e2052567fb1fa4eb662919157e9f4c91ff06df8cf739e

  • SHA512

    c36296a715d4f5f2f3a347066f3df58aa9be994b10fa4351f7b9b750e451a41d32aed803f92f1d627ee1b0140425fbf371f7ab696353d4b4086634c17d5630fd

  • SSDEEP

    3072:FYP2XerzhOUxu/XUtauF8iJkZUjtrqAqi4btXsFQ7WKfl:Fu2urzh9xu/XkauF5JgUjtrqAqiAemiy

Score
7/10
persistence

Malware Config

Targets

    • Target

      3636117b747fba6610910f8b2a55b9a2_JaffaCakes118

    • Size

      150KB

    • MD5

      3636117b747fba6610910f8b2a55b9a2

    • SHA1

      b5d6d7ed8ddce34af738061e92ba4a8f2b7b77f3

    • SHA256

      4ac44abb426f97ddf05e2052567fb1fa4eb662919157e9f4c91ff06df8cf739e

    • SHA512

      c36296a715d4f5f2f3a347066f3df58aa9be994b10fa4351f7b9b750e451a41d32aed803f92f1d627ee1b0140425fbf371f7ab696353d4b4086634c17d5630fd

    • SSDEEP

      3072:FYP2XerzhOUxu/XUtauF8iJkZUjtrqAqi4btXsFQ7WKfl:Fu2urzh9xu/XkauF5JgUjtrqAqiAemiy

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks