Overview

overview

10

Static

static

3

86db15f492...18.exe

windows7-x64

10

86db15f492...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    86db15f49267c7cabf05cb63e080fb51_JaffaCakes118

  • Size

    64KB

  • Sample

    240810-t8xysascmd

  • MD5

    86db15f49267c7cabf05cb63e080fb51

  • SHA1

    37e156ddfdd94f0018556cbd8a0005ee17a8b1b2

  • SHA256

    44d41ebb775e9c84c516d01471129432a843f108b95ae58be64002b33b17b911

  • SHA512

    57e2cd261abdc9f546b5b9d15f5b346a477452a49c503be46a462d8115ab56ce93405ac447ce7762f7a0189691fdb19fe000484de8cdb869c058272e6c16dd4e

  • SSDEEP

    1536:V3cpyORJLuB4P4AJJv4Romu/WVaCo91v7MGFhWW:V3c1fP4AJJv45wCE7fFhWW

Score
10/10
discoveryevasion

Malware Config

Targets

    • Target

      86db15f49267c7cabf05cb63e080fb51_JaffaCakes118

    • Size

      64KB

    • MD5

      86db15f49267c7cabf05cb63e080fb51

    • SHA1

      37e156ddfdd94f0018556cbd8a0005ee17a8b1b2

    • SHA256

      44d41ebb775e9c84c516d01471129432a843f108b95ae58be64002b33b17b911

    • SHA512

      57e2cd261abdc9f546b5b9d15f5b346a477452a49c503be46a462d8115ab56ce93405ac447ce7762f7a0189691fdb19fe000484de8cdb869c058272e6c16dd4e

    • SSDEEP

      1536:V3cpyORJLuB4P4AJJv4Romu/WVaCo91v7MGFhWW:V3c1fP4AJJv45wCE7fFhWW

    Score
    10/10
    discoveryevasion

    • Modifies visibility of file extensions in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks