General

  • Target

    a8b970888cdd89e32716800bef02ca74_JaffaCakes118

  • Size

    220KB

  • Sample

    240818-3td2ssverr

  • MD5

    a8b970888cdd89e32716800bef02ca74

  • SHA1

    0c321745b0d0484df4db1e46247372752b8dbca9

  • SHA256

    7ef1ae1db4b652fb79ee1ca50a411c56d3e86a4887dc99ceee86e9953ce2c145

  • SHA512

    d9ac3d7cc35b3077191dff9d77ccb17afb0b5fbf6d38cd2a23147023ef66ca9690b4ba99838ce5280fa41aa8bbeb7b24aec6ade93e5e5d27a2ac364ecece5dc7

  • SSDEEP

    3072:XJohAfhKBJ9R+An0AzIzcJVMbbpKApMwIhNieXD11a8YBJa59ErZf6VfUoz:EDv/ztVMbt58NbxHYSyp6xU

Malware Config

Targets

    • Target

      a8b970888cdd89e32716800bef02ca74_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory
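
The five behavioural hits above (location lookup, Run key, System32 drop, executing and loading dropped files) are each a rule over the API trace the sandbox records. As an added example that is not part of this report or of the sandbox's own rule set, the script below reproduces that logic over a constructed trace: the event shape (`api` plus an `args.path`) and every path in `SAMPLE_TRACE` are assumptions made for the example, not artefacts observed from this sample.

```python
from collections import defaultdict

# Registry paths are matched case-insensitively as substrings.
RUN_KEYS = ("\\microsoft\\windows\\currentversion\\run",)   # also covers RunOnce
GEO_KEYS = ("\\control panel\\international\\", "\\control\\nls\\")
SYSTEM32 = "c:\\windows\\system32\\"

# Constructed API trace (assumed schema, not real sandbox output).
SAMPLE_TRACE = [
    {"api": "RegQueryValueExW", "args": {"path": "HKCU\\Control Panel\\International\\Geo\\Nation"}},
    {"api": "WriteFile",        "args": {"path": "C:\\Windows\\System32\\constructed_example.dll"}},
    {"api": "WriteFile",        "args": {"path": "C:\\Users\\user\\AppData\\Local\\Temp\\constructed_payload.exe"}},
    {"api": "LoadLibraryW",     "args": {"path": "C:\\Windows\\System32\\constructed_example.dll"}},
    {"api": "CreateProcessW",   "args": {"path": "C:\\Users\\user\\AppData\\Local\\Temp\\constructed_payload.exe"}},
    {"api": "RegSetValueExW",   "args": {"path": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater"}},
    {"api": "CreateProcessW",   "args": {"path": "C:\\Windows\\System32\\cmd.exe"}},  # not dropped: no hit
]

def evaluate(events):
    """Return {signature_name: [evidence path, ...]} for a list of trace events.

    Files the sample writes are remembered so that a later CreateProcess or
    LoadLibrary on the same path can be attributed to a dropped artefact,
    which is what separates 'Executes dropped EXE' from ordinary process
    creation.
    """
    hits = defaultdict(list)
    dropped = set()                      # lower-cased paths the sample has written
    for ev in events:
        api = ev["api"].lower()
        path = ev.get("args", {}).get("path", "")
        lp = path.lower()
        if api.startswith("regqueryvalueex") and any(k in lp for k in GEO_KEYS):
            hits["Checks computer location settings"].append(path)
        elif api.startswith("regsetvalueex") and any(k in lp for k in RUN_KEYS):
            hits["Adds Run key to start application"].append(path)
        elif api == "writefile":
            dropped.add(lp)
            if lp.startswith(SYSTEM32):
                hits["Drops file in System32 directory"].append(path)
        elif api.startswith("createprocess") and lp in dropped:
            hits["Executes dropped EXE"].append(path)
        elif api.startswith("loadlibrary") and lp in dropped:
            hits["Loads dropped DLL"].append(path)
    return dict(hits)

if __name__ == "__main__":
    for name, evidence in evaluate(SAMPLE_TRACE).items():
        print(f"{name}: {evidence}")
```

The geofence rule only fires on a registry read, which Sysmon does not log (its RegistryEvent covers key creation and value writes), so on a live host that particular hit needs an API-level trace or ETW; the Run-key write and the System32 drop map directly onto Sysmon event IDs 13 and 11.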

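The "UPX packed file" hit is a static check rather than a behavioural one. As an added example, not code from this report or from the sandbox, the parser below walks a PE's section table and applies the usual UPX heuristics: section names UPX0/UPX1 (UPX2 for resources) and the `UPX!` pack-header magic that stock UPX leaves in the header area. `build_minimal_pe` is a constructed, header-only input for the example, not the sample from this report.

```python
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX3"}

def pe_section_names(data: bytes) -> list:
    """Parse the DOS header, PE signature, COFF header and section table of a
    PE image and return its section names (bytes, NUL padding stripped).
    Returns [] for anything that is not a well-formed PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    # COFF header follows the signature: Machine(2), NumberOfSections(2),
    # TimeDateStamp(4), PointerToSymbolTable(4), NumberOfSymbols(4),
    # SizeOfOptionalHeader(2), Characteristics(2).
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + size_opt        # section table starts after the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                # IMAGE_SECTION_HEADER is 40 bytes, Name is first
        if off + 40 > len(data):
            break                           # truncated table: return what was readable
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names

def looks_upx_packed(data: bytes) -> bool:
    """Stock-UPX heuristic: UPXn section names, or the b'UPX!' pack-header
    magic within the first page. A modified UPX build that renames sections
    and patches the magic evades both checks, which is why sandbox signatures
    phrase the hit as 'UPX/modified UPX'."""
    if set(pe_section_names(data)) & UPX_SECTION_NAMES:
        return True
    return b"UPX!" in data[:0x1000]

def build_minimal_pe(section_names) -> bytes:
    """Constructed input for the example: a header-only PE32 carrying the
    given section names. Not an executable, just enough for the parser."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    size_opt = 0xE0                          # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, size_opt, 0x102)
    optional = bytes(size_opt)
    table = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + optional + table

if __name__ == "__main__":
    for names in ([b".text", b".rdata", b".rsrc"], [b"UPX0", b"UPX1", b".rsrc"]):
        pe = build_minimal_pe(names)
        print(pe_section_names(pe), "->", "UPX" if looks_upx_packed(pe) else "not UPX")
```

On a real sample, read the file bytes and call `looks_upx_packed`; a negative result does not rule out packing, so pair it with a section-entropy check before concluding that a binary is unpacked.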
MITRE ATT&CK Enterprise v15

Tasks