General

  • Target

    a27ae367bc0e8739d1a12d2c71ce350a_JaffaCakes118

  • Size

    152KB

  • Sample

    240817-pddjfaxfrj

  • MD5

    a27ae367bc0e8739d1a12d2c71ce350a

  • SHA1

    0e0e0cf53a2031758426781ab2d392396e9fd5f9

  • SHA256

    913e91a35d669fdb34713076bed7c75ade23ea48d5b67c3f86ab4eab58d25b3f

  • SHA512

    c7a18e563db62ea5f2ed9522c6065799d2582ebf4ee7dd6abf94932db16f3eddcad0881b559fd76b8cdd2edb030e232d170f912c956a76e1d9147a6144929e17

  • SSDEEP

    3072:+vhHSyzx+XsEndwEC+zOdO7VefRYcYN1rjGTxr4oQZiEhtnr:o3N+XsEn64OdkoxblFWJ

Targets

    • Target

      a27ae367bc0e8739d1a12d2c71ce350a_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
