General

  • Target: a255e623a782ddccdbcba4e79da5e7ef_JaffaCakes118
  • Size: 163KB
  • Sample: 240817-ngqshawbnr
  • MD5: a255e623a782ddccdbcba4e79da5e7ef
  • SHA1: 20553c96df543c10e007a655f31f7b6923d96fd8
  • SHA256: 8f643a5f4ef8c250d8b0047629672e660d69ae1b2414e30d2633cf483a0e2889
  • SHA512: f5e00c96a43fafc4fb54f6434f1eeb4b9e5dff3e4a55dbb5ee783819c0a26a99d50c13fdd40fc4b677dd4bca2be56dd33878d281d12226fcb79d56528fa7e586
  • SSDEEP: 3072:PUgmcYpOqQWts5oXpT3uob27b1j3K7tkGaA45McajwuLR5aGdt1:PUgmc2vKoZT+ob0VIxazjmhLH1

Malware Config

Targets

    • Target: a255e623a782ddccdbcba4e79da5e7ef_JaffaCakes118
    • Size: 163KB
    • MD5: a255e623a782ddccdbcba4e79da5e7ef
    • SHA1: 20553c96df543c10e007a655f31f7b6923d96fd8
    • SHA256: 8f643a5f4ef8c250d8b0047629672e660d69ae1b2414e30d2633cf483a0e2889
    • SHA512: f5e00c96a43fafc4fb54f6434f1eeb4b9e5dff3e4a55dbb5ee783819c0a26a99d50c13fdd40fc4b677dd4bca2be56dd33878d281d12226fcb79d56528fa7e586
    • SSDEEP: 3072:PUgmcYpOqQWts5oXpT3uob27b1j3K7tkGaA45McajwuLR5aGdt1:PUgmc2vKoZT+ob0VIxazjmhLH1

    • Checks computer location settings: looks up the country code configured in the registry, likely used as a geofence.
    • Executes dropped EXE
    • Loads dropped DLL
    • Adds Run key to start application
    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate installed software.
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks