General

  • Target

    390138c36f3cb2ae744b685d6ad1648a_JaffaCakes118

  • Size

    1008KB

  • Sample

    240711-n2ldhsvfmn

  • MD5

    390138c36f3cb2ae744b685d6ad1648a

  • SHA1

    4c6c2838f5761f10b231d91c981c65cdde07af8a

  • SHA256

    f917471d3e2e54216f09a961626a49d7757d734febe18642fe59d58a86b52e70

  • SHA512

    a90726ff0eae2f05a5461be44fdf1e01aa59cb592865829db2a589e7a46d3ab2ace300531888f9a6852e3977d5bc7bf22b49d58a349e61033404dbe9d52a88d5

  • SSDEEP

    24576:uGoqA6yiQQNN3iR1n7HNhf1fGxTojrIMC3D7:uSTAQH817HNhkJ2MMC3

Score
8/10

Targets

    • Adds policy Run key to start application

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
