General

  • Target

    b07a09556b23d6fc4067d02e17679e22_JaffaCakes118

  • Size

    45KB

  • Sample

    240820-xwtblssenm

  • MD5

    b07a09556b23d6fc4067d02e17679e22

  • SHA1

    741ab191cc8798503cd8d2938ba815986f66661c

  • SHA256

    7ad00a4e863c7a187d5649ebeb1f74470dab314b076b9fc621e7732fc526cf3e

  • SHA512

    19b90d18b63b76f3af5961c6298a4d609b853614fa02e65a1874a5303aec52d91e3fc91f6e109e19fbea03e13362440147746b82d5dc9a99a0478a391de808df

  • SSDEEP

    768:Rj+yUhAQuyAQ+PHxb9pRM+Md5hF2bkgb4LZM179rMJahq3/29vxPDfM:R4hAQuyM/xbXRMf7a4at9Iahq3/29vxr

Targets

    • Target

      b07a09556b23d6fc4067d02e17679e22_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
