General

  • Target

    84e7da8f35b7e0466d7ae5af2026f202_JaffaCakes118

  • Size

    658KB

  • Sample

    240810-fsq9eaxbpl

  • MD5

    84e7da8f35b7e0466d7ae5af2026f202

  • SHA1

    8c75c69f3b73596897b0685110576b343504f6e8

  • SHA256

    b0be420abc5aac93abf275eb3d7eabab7df1ae619f8aa2b27b9ca4788a599dcc

  • SHA512

    016bc05133a66d7a8a93d514e75e3b8dc003c8ccc58860a15c2e9a9ed263d8ebc2c041bffbbbd780e2fdd9facb2d0a9e141f29250eb5bebf96f845f09afa2609

  • SSDEEP

    12288:xmWF3Z4mxxk6CjoIUR1qv0QVG/zkC61MDqQ+npi9bz8yvO9KSC4KZfF:xHQmXkEn+TK16WN+puAbC4K

Score
8/10
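The hashes above identify the sample; before trusting a copy obtained elsewhere, recompute them and compare. The following is an added example, not code from the original report: it embeds the report's MD5, SHA1, SHA256 and SHA512 values as the expected set and checks any file or byte string against them. SSDEEP is left out because it needs the non-standard `ssdeep` binding; the file path on the command line is whatever copy of the sample you hold.

```python
"""Verify a candidate file against the hashes listed in the report above.

Added example, not part of the original sandbox report. The expected
digests are copied from the report; the hashing helpers are generic and
work on any bytes, so they can be run on an actual copy of the sample
or on small constructed inputs.
"""
import hashlib

# Digests as listed in the report for 84e7da8f35b7e0466d7ae5af2026f202_JaffaCakes118.
REPORTED = {
    "md5": "84e7da8f35b7e0466d7ae5af2026f202",
    "sha1": "8c75c69f3b73596897b0685110576b343504f6e8",
    "sha256": "b0be420abc5aac93abf275eb3d7eabab7df1ae619f8aa2b27b9ca4788a599dcc",
    "sha512": "016bc05133a66d7a8a93d514e75e3b8dc003c8ccc58860a15c2e9a9ed263d8eb"
              "c2c041bffbbbd780e2fdd9facb2d0a9e141f29250eb5bebf96f845f09afa2609",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Return lowercase hex digests of `data` for every algorithm in ALGORITHMS."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in chunks so large samples never have to fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def compare(actual: dict, expected: dict = REPORTED) -> dict:
    """Per-algorithm match result, compared case-insensitively.

    Only algorithms present in `expected` are checked, so a report that
    lists just a SHA256 still works with the same function.
    """
    return {alg: actual.get(alg, "").lower() == value.lower()
            for alg, value in expected.items()}


def matches_report(actual: dict, expected: dict = REPORTED) -> bool:
    """True only if every listed digest matches.

    A single mismatch means a different file (or a corrupted copy); an
    empty expected set is treated as 'not verified', not as a match.
    """
    results = compare(actual, expected)
    return bool(results) and all(results.values())


if __name__ == "__main__":
    import sys
    # Usage: python verify_hashes.py <path-to-sample>
    digests = hash_file(sys.argv[1])
    for alg, ok in compare(digests).items():
        print(f"{alg:6} {'OK  ' if ok else 'FAIL'} {digests[alg]}")
    sys.exit(0 if matches_report(digests) else 1)
```

Exit status 1 on any mismatch makes the script usable as a gate in an ingestion pipeline: a sample whose SHA256 matches but whose MD5 does not has either been mislabelled or tampered with, and should not be filed under this report's identifier.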

Malware Config

Targets

    • Target

      84e7da8f35b7e0466d7ae5af2026f202_JaffaCakes118

    • Size

      658KB

    • MD5

      84e7da8f35b7e0466d7ae5af2026f202

    • SHA1

      8c75c69f3b73596897b0685110576b343504f6e8

    • SHA256

      b0be420abc5aac93abf275eb3d7eabab7df1ae619f8aa2b27b9ca4788a599dcc

    • SHA512

      016bc05133a66d7a8a93d514e75e3b8dc003c8ccc58860a15c2e9a9ed263d8ebc2c041bffbbbd780e2fdd9facb2d0a9e141f29250eb5bebf96f845f09afa2609

    • SSDEEP

      12288:xmWF3Z4mxxk6CjoIUR1qv0QVG/zkC61MDqQ+npi9bz8yvO9KSC4KZfF:xHQmXkEn+TK16WN+puAbC4K

    Score
    8/10
    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Network Share Discovery

      Attempts to gather information about shares on the host's network.

    • Suspicious use of SetThreadContext
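The signatures above are the sandbox's verdicts; an analyst usually wants to reproduce them as hunt logic over endpoint telemetry. The following is an added example and not the sandbox's own rule logic: a small stateful detector that walks an event stream and raises each of the seven behaviours listed. The event schema (`type`, `pid`, `path`, `image`, `module`, `key`, `api`, `target_pid`, `cmdline`) and the sample events are constructed for illustration, and the registry key used for the location check is an assumption about what the sandbox matched. Keeping the set of written files across events is what lets "Executes dropped EXE" and "Loads dropped DLL" be distinguished from ordinary process starts and module loads.

```python
"""Stateful detector for the behaviour signatures listed in the report.

Added example: this is not the sandbox's own rule logic and not code from
the original page. The event schema ('type', 'pid', 'path', ...) and the
SAMPLE_EVENTS below are constructed for illustration; a real deployment
would map EDR or Sysmon fields onto the same keys.
"""

# Path fragments are compared case-insensitively against normalised paths.
DRIVERS_FRAGMENT = "\\windows\\system32\\drivers\\"
# Assumption: the "Checks computer location settings" signature keys on the
# configured GeoID under Control Panel\International\Geo\Nation.
GEO_KEY_FRAGMENT = "\\control panel\\international\\geo\\nation"
# Win32 APIs used to enumerate network shares.
SHARE_ENUM_APIS = {"NetShareEnum", "WNetOpenEnumW", "WNetEnumResourceW"}


def norm(path: str) -> str:
    """Lower-case and use backslashes so comparisons ignore case and slash style."""
    return path.lower().replace("/", "\\")


def detect(events) -> list:
    """Return the sorted list of signature names triggered by an event stream.

    Files written by any monitored process are remembered so that a later
    process start or image load can be recognised as a *dropped* EXE/DLL,
    and deletion of a monitored process's own image counts as
    'Deletes itself' even when a child cmd.exe performs the delete.
    """
    dropped = set()   # normalised paths written during the run
    images = {}       # pid -> normalised image path of monitored processes
    hits = set()

    for ev in events:
        kind = ev["type"]
        if kind == "process_start":
            image = norm(ev["image"])
            images[ev["pid"]] = image
            if image in dropped:
                hits.add("Executes dropped EXE")
            tokens = set(ev.get("cmdline", "").lower().split())
            if image.rsplit("\\", 1)[-1] in ("net.exe", "net1.exe") and ({"view", "share"} & tokens):
                hits.add("Network Share Discovery")
        elif kind == "file_write":
            path = norm(ev["path"])
            dropped.add(path)
            if DRIVERS_FRAGMENT in path:
                hits.add("Drops file in Drivers directory")
        elif kind == "file_delete":
            if norm(ev["path"]) in images.values():
                hits.add("Deletes itself")
        elif kind == "image_load":
            if norm(ev["module"]) in dropped:
                hits.add("Loads dropped DLL")
        elif kind == "reg_query":
            if GEO_KEY_FRAGMENT in norm(ev["key"]):
                hits.add("Checks computer location settings")
        elif kind == "api_call":
            # SetThreadContext aimed at another process is the injection /
            # process-hollowing pattern; on the caller's own threads it is benign.
            if ev["api"] == "SetThreadContext" and ev.get("target_pid", ev["pid"]) != ev["pid"]:
                hits.add("Suspicious use of SetThreadContext")
            if ev["api"] in SHARE_ENUM_APIS:
                hits.add("Network Share Discovery")
    return sorted(hits)


# Constructed event stream modelled on the report's signature list; not
# telemetry from the actual sample.
SAMPLE_EVENTS = [
    {"type": "process_start", "pid": 100, "image": r"C:\Users\victim\sample.exe"},
    {"type": "reg_query", "pid": 100, "key": r"HKCU\Control Panel\International\Geo\Nation"},
    {"type": "file_write", "pid": 100, "path": r"C:\Windows\System32\drivers\svc.sys"},
    {"type": "file_write", "pid": 100, "path": r"C:\Users\victim\AppData\Local\Temp\upd.exe"},
    {"type": "file_write", "pid": 100, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"type": "process_start", "pid": 101, "image": r"C:\Users\victim\AppData\Local\Temp\upd.exe"},
    {"type": "image_load", "pid": 101, "module": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"type": "api_call", "pid": 101, "api": "SetThreadContext", "target_pid": 102},
    {"type": "api_call", "pid": 101, "api": "NetShareEnum"},
    {"type": "process_start", "pid": 103, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": 'cmd /c del "C:\\Users\\victim\\sample.exe"'},
    {"type": "file_delete", "pid": 103, "path": r"C:\Users\victim\sample.exe"},
]

if __name__ == "__main__":
    for name in detect(SAMPLE_EVENTS):
        print("•", name)
```

Run against SAMPLE_EVENTS the detector reports all seven signatures from the list above. The ordering of the events matters: a process start for a path that is only written later is not a dropped-EXE execution, which is the same reason the sandbox needs the full trace rather than a static scan to raise these verdicts.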

MITRE ATT&CK Enterprise v15
