General

  • Target

    8e4be2eb83b42225b500ca568d023e9a_JaffaCakes118

  • Size

    168KB

  • Sample

    240812-l1kz9awcmq

  • MD5

    8e4be2eb83b42225b500ca568d023e9a

  • SHA1

    8ea1f7cd198e9d6c6567444fffd1f0af0f1753f3

  • SHA256

    8235712093c3d4d8e6ace925ce65654bb6d68673cfcfb8f3808f40b67bbdf65d

  • SHA512

    c809d76695b8aad93e6785af453d13ae8ad6f19af175efd134685538c41cab069c8b92ee1b3a210fe31efea067639e68f1a925527cdbd4fedfdb1069eb33c2b3

  • SSDEEP

    3072:5v9cbTFhDHGrwpfwtTsZVQ3zY54tyeh8ZtkEqXJzRzaLrt:5Fcbhhb3p8TAQ3zY54tpqZtkEqZc

Targets

    • Target

      8e4be2eb83b42225b500ca568d023e9a_JaffaCakes118

    • Stops running service(s)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
