General

  • Target

    8ba38e3b847c3c8e4c2fbc2300cc30a4_JaffaCakes118

  • Size

    504KB

  • Sample

    240811-xx13vaxhlf

  • MD5

    8ba38e3b847c3c8e4c2fbc2300cc30a4

  • SHA1

    d761daf9e2076f933e9ca0ed8137e49256455b41

  • SHA256

    993597f95aa97b7dac3e0776bf8f944fb277301442d25b7172d475613161024e

  • SHA512

    120336a9892045a4e8d4cd94413f51a414237628116858ece635541c8890a8984dfcf565cc41194c671db5111602b434e5ed42a6e023f81e9cb582b26c70792f

  • SSDEEP

    12288:qu2EQckZJd8bvjhdaks5j0MLCzITNJdg4NKmXrlR:J9uZJqFdakKj0Mdhggf

Malware Config

Targets

    • Target

      8ba38e3b847c3c8e4c2fbc2300cc30a4_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check that decides whether the sample runs based on the victim's region.

    • Adds Run key to start application

      Writes a value under a Run key so the application is relaunched at user logon (registry run-key persistence).

    • Checks for any installed AV software in registry

      Queries registry locations associated with security products, most likely to detect or evade installed antivirus.

    • Suspicious use of SetThreadContext

      SetThreadContext on another process's thread is a common step in process hollowing and other code-injection techniques.
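
The four signatures above are the kind a sandbox derives from registry and API events. The Python below is an added example, not Triage's own rule code, that re-derives them over a constructed event log. The event format, the registry paths matched, the AV vendor list and the sample lines are assumptions; the extra process-hollowing chain rule (suspended create, WriteProcessMemory, then SetThreadContext on the same target) goes beyond what the report states.

```python
"""Re-derive sandbox behavioural signatures from an event log.

Added example; the "<pid> <op> <arg>" event format, the registry paths
and the vendor list are assumptions, not the sandbox's real rules."""
import re

# Constructed sample events (not from the real run), one per line.
SAMPLE_EVENTS = r"""
1234 RegQueryValue HKCU\Control Panel\International\Geo\Nation
1234 RegQueryValue HKCU\Control Panel\International\Locale
1234 RegEnumKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avast Antivirus
1234 RegEnumKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kaspersky Lab
1234 RegSetValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run\updater
1234 CreateProcess pid=4321 C:\Windows\System32\svchost.exe CREATE_SUSPENDED
1234 WriteProcessMemory pid=4321
1234 SetThreadContext pid=4321 tid=4444
1234 ResumeThread pid=4321 tid=4444
"""

EVENT_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<op>\w+)\s+(?P<arg>.+)$")
PID_RE = re.compile(r"\bpid=(\d+)")
# Registry values holding the configured country / locale (assumed paths).
GEO_RE = re.compile(r"\\International\\(Geo\\Nation|Locale)$", re.IGNORECASE)
# Run / RunOnce keys used for logon persistence.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
# Illustrative vendor / product names a sample might probe for.
AV_RE = re.compile(
    r"\b(avast|avg|kaspersky|bitdefender|eset|mcafee|sophos|symantec|norton|"
    r"windows defender|security center)\b",
    re.IGNORECASE,
)
REG_READ_OPS = {"RegQueryValue", "RegOpenKey", "RegEnumKey"}


def parse_events(text):
    """Return (pid, op, arg) tuples; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line.strip())
        if m:
            events.append((int(m["pid"]), m["op"], m["arg"]))
    return events


def _target_pid(arg):
    m = PID_RE.search(arg)
    return int(m.group(1)) if m else None


def scan(text):
    """Map each triggered signature name to the event lines that fired it."""
    hits = {}

    def add(sig, line):
        hits.setdefault(sig, []).append(line)

    suspended, written = set(), set()  # state for the hollowing chain rule
    for pid, op, arg in parse_events(text):
        line = f"{pid} {op} {arg}"
        if op in REG_READ_OPS and GEO_RE.search(arg):
            add("Checks computer location settings", line)
        if op in REG_READ_OPS and AV_RE.search(arg):
            add("Checks for any installed AV software in registry", line)
        if op == "RegSetValue" and RUN_KEY_RE.search(arg):
            add("Adds Run key to start application", line)
        target = _target_pid(arg)
        if op == "CreateProcess" and "CREATE_SUSPENDED" in arg and target:
            suspended.add(target)
        if op == "WriteProcessMemory" and target in suspended:
            written.add(target)
        # SetThreadContext on a thread in another process is the suspicious case.
        if op == "SetThreadContext" and target is not None and target != pid:
            add("Suspicious use of SetThreadContext", line)
            if target in written:
                add("Process hollowing chain (suspended create, write, SetThreadContext)", line)
    return hits


if __name__ == "__main__":
    for sig, lines in scan(SAMPLE_EVENTS).items():
        print(sig)
        for l in lines:
            print("   ", l)
```

Each rule is deliberately narrow: the geofence and AV rules only fire on read operations, the Run-key rule only on writes, and SetThreadContext only when the target pid differs from the caller, which keeps a process adjusting its own threads from triggering the injection signature.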

MITRE ATT&CK Enterprise v15

Tasks