Overview

overview

7

Static

static

3

4859f30405...18.exe

windows7-x64

3

4859f30405...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4859f304058c3620f5a2ab0a94fc60de_JaffaCakes118

  • Size

    69KB

  • Sample

    240715-fsjvbszajp

  • MD5

    4859f304058c3620f5a2ab0a94fc60de

  • SHA1

    06910ff93075e2eedd0234aac76107f2ec044518

  • SHA256

    180db850e4b518bfbb14b7cb55a4c379de8976f3f4bcafb822000075b0cd23d8

  • SHA512

    ee2932a49b7168bcbda802fe3fcb1d3f3f70c772d296a35a54861d8597a1d5601ee5303c4f12e6b30a63be73895d6cb82c801e4cf979ba79bfecd3078625a8c4

  • SSDEEP

    1536:zj8tkU3Qe+elpOqBrAju1pgdyPeaHRaVJ9SBBpS:z7s5kjW+dyP+VOpS

Score
7/10
persistence

Malware Config

Targets

    • Target

      4859f304058c3620f5a2ab0a94fc60de_JaffaCakes118

    • Size

      69KB

    • MD5

      4859f304058c3620f5a2ab0a94fc60de

    • SHA1

      06910ff93075e2eedd0234aac76107f2ec044518

    • SHA256

      180db850e4b518bfbb14b7cb55a4c379de8976f3f4bcafb822000075b0cd23d8

    • SHA512

      ee2932a49b7168bcbda802fe3fcb1d3f3f70c772d296a35a54861d8597a1d5601ee5303c4f12e6b30a63be73895d6cb82c801e4cf979ba79bfecd3078625a8c4

    • SSDEEP

      1536:zj8tkU3Qe+elpOqBrAju1pgdyPeaHRaVJ9SBBpS:z7s5kjW+dyP+VOpS

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks