General

  • Target

    a9b5b983099c3a3b4f8b857fc4e33a6e_JaffaCakes118

  • Size

    99KB

  • Sample

    240819-ftel1awbpc

  • MD5

    a9b5b983099c3a3b4f8b857fc4e33a6e

  • SHA1

    ce21c2e7dd47446763c70266fae8c5a1ed2a1248

  • SHA256

    ebf650c8d0639a9d334672f64cc44c0543174b9af8f6777129882e8d04c9ba6b

  • SHA512

    ca8207cff832de218e77908246b941c8423a37578c5a86d215e4a731d6355b442a468f10e2b03f7a3b0d3c7dee1c052e921806d57014dfb33a3337988fe5c5f3

  • SSDEEP

    3072:JWJav9aaS8RK4gpkHUwXXNR3+Vt1fyskLCL:JmCVhdXXNNskL2

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
