General

  • Target

    a712dcf9f57862edd33c75e0491fc0c8_JaffaCakes118

  • Size

    179KB

  • Sample

    240818-r65vhaydlf

  • MD5

    a712dcf9f57862edd33c75e0491fc0c8

  • SHA1

    84f07f0923b7ed7f294548869ad8c5dd8fcdb32e

  • SHA256

    6c26c6482ea1e5de02bf9eef7faa4942c8dcada8ddbf8ad9c00e6e475e170d72

  • SHA512

    fa6988943199819e1091a266db224104de34d050d6079a84ca4aaf91d4e18a2c422ddb5799f96706130119f1f5531b9e1b01e957288312e1a9fa0a7bfc8d34bd

  • SSDEEP

    3072:HVSsGSTeAcU4V+YR2fwIEE8iRIte5x75rxo+d27B9tO96xz1nnHFaUYSJGOTPjFC:1SnSKAcURYAw23Rrl3d2/tOq1oSJ90+I

Malware Config

Targets

    • Target

      a712dcf9f57862edd33c75e0491fc0c8_JaffaCakes118

    • Creates new service(s)

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks