Overview

overview

8

Static

static

1

4a1173d639...18.exe

windows7-x64

8

4a1173d639...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    4a1173d63962c36253b09a6e5f9f0a0c_JaffaCakes118

  • Size

    731KB

  • Sample

    240715-rtknssvfjq

  • MD5

    4a1173d63962c36253b09a6e5f9f0a0c

  • SHA1

    0ffc7d824369c2e372688d463a391f2f46419025

  • SHA256

    c36c5d5406ef622fe014a6be5475336d65ac8974dc3c189182065367f16e5676

  • SHA512

    cf04385100a6ed574511ad56222fe21f4da135f643827183c292405eb757422e0e478ea21cf5297050ee1f9269f7dcbd8077f4aa108b8af4afa206e1941ae70c

  • SSDEEP

    12288:Jaingtd/9iCpVEZxzraxdUdpmGFmjnDgGeIttwoPR5pWZhAIRXHYnrmP:JaigD/ArravUdsGwnlFttwYQRXHYrmP

Score
8/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      4a1173d63962c36253b09a6e5f9f0a0c_JaffaCakes118

    • Size

      731KB

    • MD5

      4a1173d63962c36253b09a6e5f9f0a0c

    • SHA1

      0ffc7d824369c2e372688d463a391f2f46419025

    • SHA256

      c36c5d5406ef622fe014a6be5475336d65ac8974dc3c189182065367f16e5676

    • SHA512

      cf04385100a6ed574511ad56222fe21f4da135f643827183c292405eb757422e0e478ea21cf5297050ee1f9269f7dcbd8077f4aa108b8af4afa206e1941ae70c

    • SSDEEP

      12288:Jaingtd/9iCpVEZxzraxdUdpmGFmjnDgGeIttwoPR5pWZhAIRXHYnrmP:JaigD/ArravUdsGwnlFttwYQRXHYrmP

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks