General

  • Target

    5ffedfd09fa95d9a5a557def6d85b742_JaffaCakes118

  • Size

    61KB

  • Sample

    240720-lt3lqawhjk

  • MD5

    5ffedfd09fa95d9a5a557def6d85b742

  • SHA1

    0b91ef0e8df879ae212ee34e64eafeb6b5037815

  • SHA256

    9ced9549dfbfaba1099227b87f92eb6d8fdf014386278dc8c12a9366e8cab398

  • SHA512

    1c79b6a8cb4d23dbc0ca33dfa63064196997bc63e4a7700b871a722f0a448d894956df6a35de857d35a2bb4c2250a89992d88837ead4582ee7c39adf2f76e903

  • SSDEEP

    768:Hhj29cW7XPzBzXksWbz2+Vqcqfx6fSGisJLsFCLGVhgchbyzxiesglkY136OT9Pf:HpBQXN7kn2516fhaCWnhbKlhPT9Prms

Score
8/10

Targets

    • Target

      5ffedfd09fa95d9a5a557def6d85b742_JaffaCakes118

    Score
    8/10
    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
