General

  • Target

    a05d917aede42243aa5178c8272ebf40_JaffaCakes118

  • Size

    206KB

  • Sample

    240816-3fl59axdmm

  • MD5

    a05d917aede42243aa5178c8272ebf40

  • SHA1

    50041e5b9e3cc959887a6b6a70427f09fa5d9e36

  • SHA256

    8b7cc6e6cfaa186569ed769723b1032c6a46ab32425d8a66ac720dea4d93863d

  • SHA512

    7c677830a3619fac446b2996618ec37d0e849734dd11b94e26cf2db1f8ee5d1dafddc6a4a22b2bda0751f0805a32720356a49a0d126f49e90edf973826d290af

  • SSDEEP

    3072:3RFevpE5xO8A67pjy9orLXj/5szSCq94jVRtvr9TjsXOwdQT7I5hVs6i/ralY403:3XevT569m6Xj/5sXq9SRttjspQTGp9y3

Targets

    • Target

      a05d917aede42243aa5178c8272ebf40_JaffaCakes118

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
