General

  • Target

    781aa3825f4d82e4d1cc07e07fcd6e35_JaffaCakes118

  • Size

    252KB

  • Sample

    240727-nxhrts1crb

  • MD5

    781aa3825f4d82e4d1cc07e07fcd6e35

  • SHA1

    5f2defdac72c9e5c2e395e7e3202a7366e78184f

  • SHA256

    f85158148339e9399f57c4fe5eee2250aeeb2eca14da1762263af509d48671b7

  • SHA512

    0e91681b2cbf6fefef447da4e7c3f42918d18b40e1dc9bac396fc39983bfa7e77c7e3573699f3098a5e62bb4e0f9878e6a498374e6116d044d48680545b811ee

  • SSDEEP

    6144:Zs7CGWUsbNZeoqRAvFPpWlyfeWgdx1XxcNoX+poNd8m3RZWuAzgGP:ZaWUsbbeoqRAFpWlyfeWgdx1Xxq4+poc

Targets

    • Target

      781aa3825f4d82e4d1cc07e07fcd6e35_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
