Overview

overview

8

Static

static

3

a45ec5a9ae...18.exe

windows7-x64

8

a45ec5a9ae...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    a45ec5a9ae414ef664b4ea8f359299a3_JaffaCakes118

  • Size

    58KB

  • Sample

    240817-196ewazhpa

  • MD5

    a45ec5a9ae414ef664b4ea8f359299a3

  • SHA1

    1345a00ffdfa3cfca09b38aba96cbd9cb84a2fc6

  • SHA256

    5e0913a43b3e2588d84c8fc3f6ae8bebab7676455dbbc93b030b0ace77819c5e

  • SHA512

    9f3c00320ac4066c8107964a4b0e9c381329797f65ad8e4a42224ceeda16298d07e58b10b8e89dc0a074cf96ad13f5567e576153e4947c10786ec1906e867dd6

  • SSDEEP

    1536:WOup7DCUaAVrEnWzuuLmJh18cWZgHKmnyFAPGh8a1LiF:ItbKWzPmJhOcWZuZnyFLLm

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      a45ec5a9ae414ef664b4ea8f359299a3_JaffaCakes118

    • Size

      58KB

    • MD5

      a45ec5a9ae414ef664b4ea8f359299a3

    • SHA1

      1345a00ffdfa3cfca09b38aba96cbd9cb84a2fc6

    • SHA256

      5e0913a43b3e2588d84c8fc3f6ae8bebab7676455dbbc93b030b0ace77819c5e

    • SHA512

      9f3c00320ac4066c8107964a4b0e9c381329797f65ad8e4a42224ceeda16298d07e58b10b8e89dc0a074cf96ad13f5567e576153e4947c10786ec1906e867dd6

    • SSDEEP

      1536:WOup7DCUaAVrEnWzuuLmJh18cWZgHKmnyFAPGh8a1LiF:ItbKWzPmJhOcWZuZnyFLLm

    Score
    8/10
    discoverypersistence

    • Server Software Component: Terminal Services DLL

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks