Overview

overview

7

Static

static

7

9fd10745e0...18.exe

windows7-x64

7

9fd10745e0...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9fd10745e0e2de606ca664553149ce2e_JaffaCakes118

  • Size

    34KB

  • Sample

    240816-y9fs4svfpa

  • MD5

    9fd10745e0e2de606ca664553149ce2e

  • SHA1

    5cd5f804fb25528f78f0afd7e131fc7db9aae468

  • SHA256

    5383cbe6a2c2e664aa30c5aff3d576af7e765fb7ebb0cdb0d5de7d599ea0da94

  • SHA512

    38cad49727d20d751932a34eef59bd5bf0f6bc77f0b16737c849f83c51fd2aee5c87abd303bbf8746ac2c1fc342d647ab1c292326797be1d1a14c74607e74bac

  • SSDEEP

    768:YPVxpVcS9gV4pa5MUtsw7GPs0m2jnaWfunmT:uxpVcS62cvmw7GPcsaJ8

Score
7/10
discoverypersistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      9fd10745e0e2de606ca664553149ce2e_JaffaCakes118

    • Size

      34KB

    • MD5

      9fd10745e0e2de606ca664553149ce2e

    • SHA1

      5cd5f804fb25528f78f0afd7e131fc7db9aae468

    • SHA256

      5383cbe6a2c2e664aa30c5aff3d576af7e765fb7ebb0cdb0d5de7d599ea0da94

    • SHA512

      38cad49727d20d751932a34eef59bd5bf0f6bc77f0b16737c849f83c51fd2aee5c87abd303bbf8746ac2c1fc342d647ab1c292326797be1d1a14c74607e74bac

    • SSDEEP

      768:YPVxpVcS9gV4pa5MUtsw7GPs0m2jnaWfunmT:uxpVcS62cvmw7GPcsaJ8

    Score
    7/10
    discoverypersistenceprivilege_escalationupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks