Overview

overview

10

Static

static

10

6fe4ac1776...18.exe

windows7-x64

7

6fe4ac1776...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6fe4ac17766e2878f6b57320cfafcbe4_JaffaCakes118

  • Size

    492KB

  • Sample

    240725-rev6zssepl

  • MD5

    6fe4ac17766e2878f6b57320cfafcbe4

  • SHA1

    20f4ebae589f61726d5ad7ed29c87f222b3f4298

  • SHA256

    6ec7b2b08274592b5830ae39c0e6cae025367d455a7ee5407daea259f89b374f

  • SHA512

    17219231eb829d970b8bb6088fcf64e44460b3aa294cd6cfc5819672d45df41e399bd2e8f758ef5ab79f26a5235a2f00bff78d88ccfa2d450cd8aafb0ca6f9ba

  • SSDEEP

    6144:awcaAn70pz2YDY/XgvZX4NeCPwcaAn70pz2YJY/XgvZX4NeCIZvLKvu:aZn70l3SI4NhPZn70l3UI4NhIJLKvu

Score
10/10
revengeratdiscoverystealer

Malware Config

Targets

    • Target

      6fe4ac17766e2878f6b57320cfafcbe4_JaffaCakes118

    • Size

      492KB

    • MD5

      6fe4ac17766e2878f6b57320cfafcbe4

    • SHA1

      20f4ebae589f61726d5ad7ed29c87f222b3f4298

    • SHA256

      6ec7b2b08274592b5830ae39c0e6cae025367d455a7ee5407daea259f89b374f

    • SHA512

      17219231eb829d970b8bb6088fcf64e44460b3aa294cd6cfc5819672d45df41e399bd2e8f758ef5ab79f26a5235a2f00bff78d88ccfa2d450cd8aafb0ca6f9ba

    • SSDEEP

      6144:awcaAn70pz2YDY/XgvZX4NeCPwcaAn70pz2YJY/XgvZX4NeCIZvLKvu:aZn70l3SI4NhPZn70l3UI4NhIJLKvu

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks