Overview

overview

7

Static

static

3

a5a5b13fc3...18.exe

windows7-x64

7

a5a5b13fc3...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    a5a5b13fc3d19ec734ea29bdb723c3a1_JaffaCakes118

  • Size

    103KB

  • Sample

    240818-gp15wasbnm

  • MD5

    a5a5b13fc3d19ec734ea29bdb723c3a1

  • SHA1

    ecc7846d321b09e6c0234ff4f8784110dd2ed486

  • SHA256

    fc72699f28aa3b5de644fe88307b02e9240e57abd1182d70a78d119bce207d87

  • SHA512

    6ba98c6a0dfb0b3d30f40db1164393f55dbe680ba3415f13f29d66ece3477f3b8b3b2df92023f9f1d753aa6277a85e21d3b25bd9b08f77144eb1bc7c0fa410d8

  • SSDEEP

    3072:4eBvl/k8sJvI5oQTPR6R6UYHfqNW4ExBV4H3:4ePJ9T56RufqN

Score
7/10
defense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      a5a5b13fc3d19ec734ea29bdb723c3a1_JaffaCakes118

    • Size

      103KB

    • MD5

      a5a5b13fc3d19ec734ea29bdb723c3a1

    • SHA1

      ecc7846d321b09e6c0234ff4f8784110dd2ed486

    • SHA256

      fc72699f28aa3b5de644fe88307b02e9240e57abd1182d70a78d119bce207d87

    • SHA512

      6ba98c6a0dfb0b3d30f40db1164393f55dbe680ba3415f13f29d66ece3477f3b8b3b2df92023f9f1d753aa6277a85e21d3b25bd9b08f77144eb1bc7c0fa410d8

    • SSDEEP

      3072:4eBvl/k8sJvI5oQTPR6R6UYHfqNW4ExBV4H3:4ePJ9T56RufqN

    Score
    7/10
    defense_evasiondiscoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Impair Defenses: Safe Mode Boot

      defense_evasion

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks