General

  • Target

    7323830f605ae1bab569661866537cc7_JaffaCakes118

  • Size

    640KB

  • Sample

    240726-jfvylsvbjl

  • MD5

    7323830f605ae1bab569661866537cc7

  • SHA1

    2f5c0a769f9c50741814d2612f6bd946d28f288c

  • SHA256

    aff15eb99f27e19ee41b2319bd9dd54593c0a721f768e1000d51ea9681ccd9e7

  • SHA512

    5784f277d41f40a6406a0859d016708ef8bee30f8fcbd06fba3f06831b4138872f026e0df7fad5b252a352f2b4f4b21d2d7f2713c279fa35f2619c553031ecbd

  • SSDEEP

    12288:AoNAQqLew5SdDN2u/RCa7F804DevBjnWMOC6z9uoKPFwX3/zi2sV:AMPqh5SV8aRCeGPDatd0uoeFCm

Malware Config

Targets

    • Target

      7323830f605ae1bab569661866537cc7_JaffaCakes118

    • Disables Task Manager via registry modification

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks