Overview

overview

8

Static

static

1

5a90dea6c7...18.exe

windows7-x64

8

5a90dea6c7...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5a90dea6c71ba98c19e5d8e5a156b119_JaffaCakes118

  • Size

    728KB

  • Sample

    240719-fn4zpsxcnd

  • MD5

    5a90dea6c71ba98c19e5d8e5a156b119

  • SHA1

    dbf35795365d2046766d0efde8e63decf12d0b6a

  • SHA256

    1843d0a590a5b37245dce3f65687f69ecbdad9694f863cfebdd61c542039044b

  • SHA512

    50c6476cfc253a870f703726d9b635544f1287464b00b7d7a4cf72186c6cccc1724ae86274047e9526b01e2b76cea76c1c66952d6bd7b0ec15697631d32d5475

  • SSDEEP

    12288:lEcF8D2K53tGcAOYYsLN2Z8bbX0/meGDgGeItoEc9GspWZhASRXHYnrm4:lEc8H5fMLN2Kb70rGlFtov9GsqRXHYrn

Score
8/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      5a90dea6c71ba98c19e5d8e5a156b119_JaffaCakes118

    • Size

      728KB

    • MD5

      5a90dea6c71ba98c19e5d8e5a156b119

    • SHA1

      dbf35795365d2046766d0efde8e63decf12d0b6a

    • SHA256

      1843d0a590a5b37245dce3f65687f69ecbdad9694f863cfebdd61c542039044b

    • SHA512

      50c6476cfc253a870f703726d9b635544f1287464b00b7d7a4cf72186c6cccc1724ae86274047e9526b01e2b76cea76c1c66952d6bd7b0ec15697631d32d5475

    • SSDEEP

      12288:lEcF8D2K53tGcAOYYsLN2Z8bbX0/meGDgGeItoEc9GspWZhASRXHYnrm4:lEc8H5fMLN2Kb70rGlFtov9GsqRXHYrn

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks