General

  • Target

    89dd64dce94ef4947eb14eef6a82547a_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240811-ljvs5atfln

  • MD5

    89dd64dce94ef4947eb14eef6a82547a

  • SHA1

    ee2106d5a6d38f3137dab784dbd3e9710115820c

  • SHA256

    600d6dc4c12cfccbe667d021db24b96ab6378c1037bf7b378ee90a60433b723f

  • SHA512

    3c7ca6500df12e1e39b33e0b190899abc273e14be93023f9bcc84d10688a094027da06594bba466c06ae52a66f07674b8abd905a1af6d262c8ee9651cf363af9

  • SSDEEP

    24576:F9sk20GncuPAhSSy7x4B+G0oW1/WMBTLkcQkSqgpOndpzNROaZakMzp/rSofp:nJu4SV7x4gPAMFLkAg435ROgLup

Score
7/10

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
