Overview

overview

8

Static

static

3

3d929fe73d...18.exe

windows7-x64

8

3d929fe73d...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3d929fe73d29162511a345b8195708fd_JaffaCakes118

  • Size

    100KB

  • Sample

    240712-qsr6taxfph

  • MD5

    3d929fe73d29162511a345b8195708fd

  • SHA1

    222419aeebfd67491911b3dcb88c77d5bfa8e809

  • SHA256

    c445efe7633243b313df6c1fc5e5954d06ae388a9e096f9baaaab58ff3ba6172

  • SHA512

    93a39b7ab1e8216e6b76610444f9612f4aaa891316385667bfc012dfd4da22fc79e0197ceef2a0a41e8c60c4f88594170517c0bfba5abd2e51c440d689714f07

  • SSDEEP

    1536:tNof1paT2faHJndDd08TKpynoOlvUgH0+NMkDf241E4uoGs7hR5sWmmL:tOKT2OJnT1nbvt9NMMj1E/UrsWl

Score
8/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      3d929fe73d29162511a345b8195708fd_JaffaCakes118

    • Size

      100KB

    • MD5

      3d929fe73d29162511a345b8195708fd

    • SHA1

      222419aeebfd67491911b3dcb88c77d5bfa8e809

    • SHA256

      c445efe7633243b313df6c1fc5e5954d06ae388a9e096f9baaaab58ff3ba6172

    • SHA512

      93a39b7ab1e8216e6b76610444f9612f4aaa891316385667bfc012dfd4da22fc79e0197ceef2a0a41e8c60c4f88594170517c0bfba5abd2e51c440d689714f07

    • SSDEEP

      1536:tNof1paT2faHJndDd08TKpynoOlvUgH0+NMkDf241E4uoGs7hR5sWmmL:tOKT2OJnT1nbvt9NMMj1E/UrsWl

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks