General

  • Target

    78d78dc96924eac843d0481fa052f502_JaffaCakes118

  • Size

    617KB

  • Sample

    240727-va7k1aydln

  • MD5

    78d78dc96924eac843d0481fa052f502

  • SHA1

    09b5752eda4baf45c87545e79e19d8894cd5cef4

  • SHA256

    0cc1b16779ce97754cb17f07d987e6a28d154b406cd11aae6ab5f11dbc478f4c

  • SHA512

    281a7f12024e908cff839bb12e36cb2567a7b738b3eb79f4a62c0f914ba9ae2809adfd82b6d30a79c9ede655033117b29abc24d511b70fd920a470f18dd29d81

  • SSDEEP

    12288:TjG/5NwYkK19iOCr+TMoO30mYn0YaAsGhQHxM5DKTrH5eZQ2q:TjGAK19iOCr+TMoO30mYn0YaAstHxM5e

Malware Config

Targets

    • Server Software Component: Terminal Services DLL

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
