General

  • Target

    649337ed55feffb0124c9db482024d17_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240722-ylcrjsvekh

  • MD5

    649337ed55feffb0124c9db482024d17

  • SHA1

    758df1a226c50981262be6122c38bd5e39834f6b

  • SHA256

    ed5ad954df7f8fc8d2df13f9acbaa3f0b8ce20e51388ddb99edea2c5ece4dd61

  • SHA512

    b9b3e215db307e00b1a3b4c4edbb4bc6f4781f53778f764889b84f75774af2db1e52c8dcd14c0233c9ab3b027c229c41024c234889a019d7fc71f25d11d2a521

  • SSDEEP

    24576:2WOplsbO/DMQakN4N2dMgin7VRiLvrwabbOOwI2NB3Wtf/rV9+JW7nBBVFMO17Gb:zOplW7QakN4aGqw7FIO4Rx9+J8BVVyOK

Targets

    • Checks computer location settings

      Reads the country/region code the user has configured in the registry (Windows stores this as a GeoID under Control Panel\International\Geo). Malware commonly does this to refuse to run in certain countries, so a geofence is the likely purpose. The summary does not show which regions are excluded; if the sample stops early in a sandbox, rerun it with a different region configured before concluding it is inert.

    • Reads user/profile data of web browsers

      Opens files under browser profile directories. Infostealers target this data because it holds saved credentials, cookies and session tokens, autofill entries and browsing history; any credentials saved in browsers on an affected host should be treated as compromised.

    • Adds Run key to start application

      Writes a value under a CurrentVersion\Run registry key so that an executable is launched at every logon. This is the sample's persistence mechanism; the value name and the path it points to are not shown in this summary.

    • Enumerates connected drives

      Attempts to read the root directory of drives other than the default C: drive, commonly to discover additional volumes or removable media to search.

    • Drops file in System32 directory

      Writes a file into %SystemRoot%\System32. Writing there requires administrative rights, so the sample was running elevated when it did this; placing a payload in System32 lets it blend in with legitimate OS binaries. The dropped file name is not shown in this summary.
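Of the behaviours above, the Run key write and the file drop into System32 are the two that ordinary Sysmon telemetry records, so the following added example (not part of the sandbox report) hunts for them in Sysmon-style events and correlates both to a single process, which is a much stronger lead than either alone. The event records, process GUIDs, image paths and value names are constructed to mimic Sysmon Event ID 13 (RegistryEvent: Value Set) and Event ID 11 (FileCreate) exported as JSON; none of them come from this sample. The registry read behind the geofence check and the reads of browser profile files do not produce Sysmon events (Sysmon logs registry and file writes, not reads), so detecting those needs EDR access telemetry or Windows object-access auditing instead.

```python
"""Hunt Sysmon-style events for a Run key being set and a file being created
under System32, then correlate both behaviours per process.

Added example for the report above, not code from the sample or the sandbox.
Field names follow Sysmon's schema for Event ID 13 (RegistryEvent: Value Set)
and Event ID 11 (FileCreate); the events, GUIDs, paths and value names are
constructed for illustration.
"""
import re
from collections import defaultdict

# Run / RunOnce keys in HKLM or in any user hive (Sysmon reports these as HKU\<SID>\...).
RUN_KEY_RE = re.compile(
    r"^(HKLM|HKU\\[^\\]+)\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\",
    re.IGNORECASE,
)
SYSTEM32_RE = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.IGNORECASE)

# Images that legitimately write to System32 (servicing, MSI). Anything else is a
# lead to investigate, not proof of compromise; extend this set per environment.
EXPECTED_SYSTEM32_WRITERS = {
    r"c:\windows\system32\svchost.exe",
    r"c:\windows\system32\tiworker.exe",
    r"c:\windows\system32\msiexec.exe",
}

SAMPLE_EVENTS = [  # constructed sample data, not from the analysed binary
    {"EventID": 13, "ProcessGuid": "{A}", "Image": r"C:\Users\victim\AppData\Local\Temp\update.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\victim\AppData\Roaming\svc\update.exe"},
    {"EventID": 11, "ProcessGuid": "{A}", "Image": r"C:\Users\victim\AppData\Local\Temp\update.exe",
     "TargetFilename": r"C:\Windows\System32\wkssvc32.dll"},
    {"EventID": 11, "ProcessGuid": "{B}", "Image": r"C:\Windows\System32\svchost.exe",
     "TargetFilename": r"C:\Windows\System32\config\SOFTWARE.LOG1"},
    {"EventID": 13, "ProcessGuid": "{C}", "Image": r"C:\Program Files\Vendor\setup.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\VendorSetup",
     "Details": r"C:\Program Files\Vendor\finish.exe"},
    {"EventID": 13, "ProcessGuid": "{D}", "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Desktop",
     "Details": r"C:\Users\victim\Desktop"},
]


def run_key_findings(events):
    """Event ID 13 writes under a Run/RunOnce key -> (ProcessGuid, Image, key, value)."""
    out = []
    for e in events:
        if e.get("EventID") == 13 and RUN_KEY_RE.match(e.get("TargetObject", "")):
            out.append((e["ProcessGuid"], e["Image"], e["TargetObject"], e.get("Details", "")))
    return out


def system32_drop_findings(events):
    """Event ID 11 file creates under System32 by a process that is not an expected writer."""
    out = []
    for e in events:
        if e.get("EventID") != 11:
            continue
        if not SYSTEM32_RE.match(e.get("TargetFilename", "")):
            continue
        if e.get("Image", "").lower() in EXPECTED_SYSTEM32_WRITERS:
            continue
        out.append((e["ProcessGuid"], e["Image"], e["TargetFilename"]))
    return out


def correlate(events):
    """Return only processes that show both behaviours, keyed by ProcessGuid,
    with the raw findings attached for the analyst."""
    by_proc = defaultdict(lambda: {"run_keys": [], "system32_drops": []})
    for guid, image, key, value in run_key_findings(events):
        by_proc[guid]["image"] = image
        by_proc[guid]["run_keys"].append((key, value))
    for guid, image, path in system32_drop_findings(events):
        by_proc[guid]["image"] = image
        by_proc[guid]["system32_drops"].append(path)
    return {g: f for g, f in by_proc.items() if f["run_keys"] and f["system32_drops"]}


if __name__ == "__main__":
    for guid, f in correlate(SAMPLE_EVENTS).items():
        print(f"[!] {f['image']} ({guid})")
        for key, value in f["run_keys"]:
            print(f"    Run key : {key} = {value}")
        for path in f["system32_drops"]:
            print(f"    Dropped : {path}")
```

On the constructed data only the process {A} is reported: the vendor installer writes a RunOnce value but drops nothing into System32, and svchost's write to System32 is in the allow-list. In practice feed the functions the output of your Sysmon-to-JSON pipeline and tune EXPECTED_SYSTEM32_WRITERS to the servicing and installer images seen in your environment, since Windows Update and MSI installers legitimately write there.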
