General

  • Target

    a102a77b302c2b2a383fc22cbfd0f00e_JaffaCakes118

  • Size

    264KB

  • Sample

    240817-dvlqlavapa

  • MD5

    a102a77b302c2b2a383fc22cbfd0f00e

  • SHA1

    dfc0d244145666987ec06783b330a564227f1ab1

  • SHA256

    55f6aef5e074af9cfbd10a1097c9f38a9468cb63caa6127eb2f549a4d51d01a4

  • SHA512

    13aca7399690a26a44a01253496cee9fe346de4dc87b52b160e1accc15f3e4defa688f021512f846df1545822aacd01b455fc9e0e7c1eb3b92f0012bdfe4439e

  • SSDEEP

    6144:W/0uoREpfu+EZouwgNL8LMtweEFch/cm2cW6/9:WJ+Iu+yw8mMtsGkvM

Targets

    • Target

      a102a77b302c2b2a383fc22cbfd0f00e_JaffaCakes118

    • Checks computer location settings

      Reads the country code configured in the registry (the per-user Control Panel\International\Geo settings). Malware commonly does this to geofence, i.e. to refuse to run on machines in certain countries, so a sandbox whose locale matches an excluded region may see no further behaviour.

    • Executes dropped EXE

      A file written to disk by the sample during the run is subsequently launched as a process.

    • Loads dropped DLL

      A DLL written to disk by the sample during the run is subsequently loaded into a process.

    • Adds Run key to start application

      Writes a value under a CurrentVersion\Run key so the payload is started again at logon (persistence).

    • Suspicious use of SetThreadContext

      SetThreadContext is called on a thread outside the calling process. Together with a process created suspended and written to with WriteProcessMemory, this is the typical process-hollowing sequence; the report lists only the API use, so the exact injection technique is not confirmed here.
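The five behaviours above can be re-derived from an API-call trace of the kind a sandbox records. The following is an added example, not the sandbox vendor's own detection logic and not output from this sample: the trace is constructed by hand with hypothetical paths and PIDs, and the heuristics (dropped-file tracking, Run-key and Geo-key matching, cross-process SetThreadContext, and a suspended-process hollowing chain) are my own.

```python
"""Re-derive the report's behavioural signatures from a constructed,
sandbox-style API call trace.  Added example: trace, paths, PIDs and
heuristics are illustrative assumptions, not vendor detection logic."""
import re
from collections import defaultdict

# HKCU\Software\Microsoft\Windows\CurrentVersion\Run or RunOnce (persistence).
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
# HKCU\Control Panel\International\Geo, value "Nation" holds the country code.
GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo$", re.I)
CREATE_SUSPENDED = 0x00000004  # CreateProcess dwCreationFlags bit

# Constructed trace (pid, api, args).  Hypothetical sample behaviour.
TRACE = [
    {"pid": 100, "api": "CreateFileW", "args": {"path": r"C:\Users\u\AppData\Roaming\upd.exe", "write": True}},
    {"pid": 100, "api": "CreateFileW", "args": {"path": r"C:\Users\u\AppData\Roaming\helper.dll", "write": True}},
    {"pid": 100, "api": "RegQueryValueExW", "args": {"key": r"HKCU\Control Panel\International\Geo", "value": "Nation"}},
    {"pid": 100, "api": "CreateProcessW", "args": {"path": r"C:\Users\u\AppData\Roaming\upd.exe", "flags": 0, "child_pid": 200}},
    {"pid": 200, "api": "LoadLibraryW", "args": {"path": r"C:\Users\u\AppData\Roaming\helper.dll"}},
    {"pid": 200, "api": "RegSetValueExW", "args": {"key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
                                                   "value": "Updater", "data": r"C:\Users\u\AppData\Roaming\upd.exe"}},
    {"pid": 200, "api": "CreateProcessW", "args": {"path": r"C:\Windows\System32\svchost.exe",
                                                  "flags": CREATE_SUSPENDED, "child_pid": 300}},
    {"pid": 200, "api": "WriteProcessMemory", "args": {"target_pid": 300}},
    {"pid": 200, "api": "SetThreadContext", "args": {"target_pid": 300}},
    {"pid": 200, "api": "ResumeThread", "args": {"target_pid": 300}},
    {"pid": 100, "api": "RegQueryValueExW", "args": {"key": r"HKCU\Software\Classes", "value": "x"}},  # benign read
]


def analyze(trace):
    """Map API events to the signature names used in the report.  Returns
    {signature: [evidence, ...]}; signatures with no evidence are absent."""
    dropped = set()                 # paths the sample wrote during the run
    hits = defaultdict(list)
    for ev in trace:
        api, a = ev["api"], ev["args"]
        if api == "CreateFileW" and a.get("write"):
            dropped.add(a["path"].lower())
        elif api == "CreateProcessW" and a["path"].lower() in dropped:
            hits["Executes dropped EXE"].append(a["path"])
        elif api == "LoadLibraryW" and a["path"].lower() in dropped:
            hits["Loads dropped DLL"].append(a["path"])
        elif api == "RegSetValueExW" and RUN_KEY.search(a["key"]):
            hits["Adds Run key to start application"].append(f'{a["key"]}\\{a["value"]} = {a["data"]}')
        elif api == "RegQueryValueExW" and GEO_KEY.search(a["key"]) and a["value"].lower() == "nation":
            hits["Checks computer location settings"].append(f'{a["key"]}\\{a["value"]}')
        elif api == "SetThreadContext" and a.get("target_pid") not in (None, ev["pid"]):
            hits["Suspicious use of SetThreadContext"].append(f'pid {ev["pid"]} -> pid {a["target_pid"]}')
    return dict(hits)


HOLLOW_STEPS = ("WriteProcessMemory", "SetThreadContext", "ResumeThread")


def hollowing_chains(trace):
    """Find the classic hollowing sequence on one child: CreateProcess with
    CREATE_SUSPENDED, then WriteProcessMemory, SetThreadContext and
    ResumeThread from the same parent, in that order.  Returns a list of
    (parent_pid, child_pid, child_image)."""
    suspended = {}                  # child_pid -> (parent_pid, image)
    progress = defaultdict(int)     # child_pid -> number of steps matched
    chains = []
    for ev in trace:
        a = ev["args"]
        if ev["api"] == "CreateProcessW" and a.get("flags", 0) & CREATE_SUSPENDED:
            suspended[a["child_pid"]] = (ev["pid"], a["path"])
            continue
        child = a.get("target_pid")
        if child not in suspended or suspended[child][0] != ev["pid"]:
            continue
        step = progress[child]
        if step < len(HOLLOW_STEPS) and ev["api"] == HOLLOW_STEPS[step]:
            progress[child] += 1
            if progress[child] == len(HOLLOW_STEPS):
                chains.append((ev["pid"], child, suspended[child][1]))
    return chains


if __name__ == "__main__":
    for sig, evidence in analyze(TRACE).items():
        print(f"{sig}: {evidence}")
    print("hollowing chains:", hollowing_chains(TRACE))
```

The dropped-file set is keyed on case-folded paths because Windows paths are case-insensitive; the Geo check requires both the key and the `Nation` value so that unrelated reads under Control Panel do not fire; and the hollowing chain only counts steps issued by the parent that created the suspended child, which keeps a legitimate debugger attaching to some other process from matching.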

MITRE ATT&CK Enterprise v15
