Overview

overview

7

Static

static

3

88c1968310...18.exe

windows7-x64

7

88c1968310...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    88c196831084655fc5f8c7ee84ff320a_JaffaCakes118

  • Size

    59KB

  • Sample

    240811-dl85jaweph

  • MD5

    88c196831084655fc5f8c7ee84ff320a

  • SHA1

    2dfd5c5ce33b30d3987a44f5adb8ad7c2035dbe1

  • SHA256

    85c0dbda49f79f89d4064ecd0c0d8d5e82ee5dc0ef68452e3779a4146f34832b

  • SHA512

    da874e3ac4fbd2d1ba2c0a1d35eadd8af9a7fcd0bddd9f18871bc47fb85fb38d508d462cc9c34412e8bbff9d69f3b268f1af82061364f97c22ac312d1e244919

  • SSDEEP

    1536:7vG6vadmEgg/wWoWTgCIrJY+XiuI7YaPZ:7vlpEx/wWKIYu

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      88c196831084655fc5f8c7ee84ff320a_JaffaCakes118

    • Size

      59KB

    • MD5

      88c196831084655fc5f8c7ee84ff320a

    • SHA1

      2dfd5c5ce33b30d3987a44f5adb8ad7c2035dbe1

    • SHA256

      85c0dbda49f79f89d4064ecd0c0d8d5e82ee5dc0ef68452e3779a4146f34832b

    • SHA512

      da874e3ac4fbd2d1ba2c0a1d35eadd8af9a7fcd0bddd9f18871bc47fb85fb38d508d462cc9c34412e8bbff9d69f3b268f1af82061364f97c22ac312d1e244919

    • SSDEEP

      1536:7vG6vadmEgg/wWoWTgCIrJY+XiuI7YaPZ:7vlpEx/wWKIYu

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks