General

  • Target

    6994d2fc6c9572a7a5e4973de9de7816_JaffaCakes118

  • Size

    62KB

  • Sample

    240724-av7fhs1brh

  • MD5

    6994d2fc6c9572a7a5e4973de9de7816

  • SHA1

    9b0d7bac771e61179b478a30ee6302a4422a271a

  • SHA256

    7b58b69bd31fa4ef62596ff4a3bd58f4f1988618f9039db5d99389cb98a57eae

  • SHA512

    74fec8cf63dc72561e272fedf81c300fcf0a446829976201addde06428f76ab962de35085671f5644f31a6484ea41f0e5feaae5c6667045ebe883aeef735b29b

  • SSDEEP

    1536:qAWqnYPZlfSZkSVlm3X7dbyyxj/banaIuskeC:Ch/SrvmFlxjBstC

Targets

    • Target

      6994d2fc6c9572a7a5e4973de9de7816_JaffaCakes118

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
