General

  • Target

    a4d606632503df5a2f842e3ed38b307f_JaffaCakes118

  • Size

    15KB

  • Sample

    240818-bq7fdsxeme

  • MD5

    a4d606632503df5a2f842e3ed38b307f

  • SHA1

    b5b574343ee8306b3be22f614f6b1d294d388740

  • SHA256

    d440f435458726015234a23f043a2055a6a7901f04a5129940aebf6ad47ec904

  • SHA512

    033963c96a817742fac239a2ace563297e59d9897a02b6d65a71268e1e935528c05bd153d0c4fad3b3ec0791d1168b9a2eb181415d0eb2d5e5f561183f1f0eee

  • SSDEEP

    384:XCCoJcG+CDGwFBgZh3u8SlFTQ90zaU7O0DcphNm+ox:yCoJkCtFB+w8Sl6m2GO7hm+ox

  • Score

    10/10

Malware Config

Targets

    • Target

      a4d606632503df5a2f842e3ed38b307f_JaffaCakes118

    • Score

      10/10

    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks