General

  • Target

    78e941969c166c4c855d32bd36e59be2_JaffaCakes118

  • Size

    432KB

  • Sample

    240727-vqv7xashme

  • MD5

    78e941969c166c4c855d32bd36e59be2

  • SHA1

    73e8b9c99dde8246ca278f8c5acd939e0aa650a6

  • SHA256

    863c0e27f714adaf1c9fa4e1249439b3498e00863b145b998f69baa8dbc259e2

  • SHA512

    a46d2d0ca755df82284549a8ad852a9d8f077d629558f1ac6ca4347a22ec81ddbe0bdabd2e37fb37aef819bfa40d5c0b12cbf8e910b64346b98fa6678648f554

  • SSDEEP

    6144:61VCdIgi71nAv/szQRzf4Zj3JVyN/Y53fZ6ZsVb7:4VCdInSssRWjPy9Y53B6A7

Targets

    • Target

      78e941969c166c4c855d32bd36e59be2_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
