General

  • Target

    78c4d3e9d1399b4ec24577c91f1fa27d_JaffaCakes118

  • Size

    33KB

  • Sample

    240727-ttgm9axfkm

  • MD5

    78c4d3e9d1399b4ec24577c91f1fa27d

  • SHA1

    da165a36d401325562ce46f91ac5e88ef5d46336

  • SHA256

    e013e923f9c4156e2a945a12a064b975f0d363237fb1414cfa0040b5c36f5d13

  • SHA512

    cad7924dec39f0147a1e9e3f9f18935ce54b54a85f6218f3c8544eae45ad300f9c2874b795d82aa3983431f1993a597dd738020fd37d5f9b100a08dc5e4d41a5

  • SSDEEP

    768:RktmtIHEe8IDPIXRnRn3psupMG6uJXPYB:utmGHx8AIX/npMGZA

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.gmail.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    bl00dl1n3

Targets

    • Target

      78c4d3e9d1399b4ec24577c91f1fa27d_JaffaCakes118

      (hashes and score are identical to the General section above)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check that decides whether the payload runs on this host.

    • Executes dropped EXE

      Launches an executable that the sample itself wrote to disk.

    • Adds Run key to start application

      Writes a value under a CurrentVersion\Run registry key so the payload is relaunched at user logon (persistence).

MITRE ATT&CK Enterprise v15
