Overview

overview

7

Static

static

3

5ed25617e1...18.exe

windows7-x64

7

5ed25617e1...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    5ed25617e18debe0925eb0d7378b4af7_JaffaCakes118

  • Size

    896KB

  • Sample

    240720-drmtgsxdnf

  • MD5

    5ed25617e18debe0925eb0d7378b4af7

  • SHA1

    2372f3c24cb067f8a5b9f6286bb88c9826d24624

  • SHA256

    08124ea516bd3caac59980d5b0405ccb0f10841d2d89ec4aa116052cfa975a36

  • SHA512

    8e77cbf099a597da5a6c6c3c9d9699b26a42bd42da12f1fba27aa8bcf395dd855b6666d48c1803e77b98be11a95ae7893d16431f804410efccd4831312ce0ccb

  • SSDEEP

    12288:4C7aUBWPu8pJqRs6QUz2R7wm/YzeYuVSNR9tqznZP6G9/NViLgI8:/aDxJqZkwmAKEtqznZPXJicI8

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      5ed25617e18debe0925eb0d7378b4af7_JaffaCakes118

    • Size

      896KB

    • MD5

      5ed25617e18debe0925eb0d7378b4af7

    • SHA1

      2372f3c24cb067f8a5b9f6286bb88c9826d24624

    • SHA256

      08124ea516bd3caac59980d5b0405ccb0f10841d2d89ec4aa116052cfa975a36

    • SHA512

      8e77cbf099a597da5a6c6c3c9d9699b26a42bd42da12f1fba27aa8bcf395dd855b6666d48c1803e77b98be11a95ae7893d16431f804410efccd4831312ce0ccb

    • SSDEEP

      12288:4C7aUBWPu8pJqRs6QUz2R7wm/YzeYuVSNR9tqznZP6G9/NViLgI8:/aDxJqZkwmAKEtqznZPXJicI8

    Score
    7/10
    persistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks