Overview

overview

10

Static

static

3

b4281a2c60...18.exe

windows7-x64

10

b4281a2c60...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b4281a2c60ca5184bfd67be61bf110a9_JaffaCakes118

  • Size

    248KB

  • Sample

    240821-trrenssapk

  • MD5

    b4281a2c60ca5184bfd67be61bf110a9

  • SHA1

    93155e2e29faa53b45bd69f5ef5c4ff047edab59

  • SHA256

    b8e0af626f076a84b498f3c638b5ff0b06d4a821b8ded5bef5282e39ab763aa5

  • SHA512

    9bd1a62b3c7a3056d35b8b4a34e85a4adb109c2fc9adc959c6ddd96e3f9e47ce825b04b847ff4eb6f281b2496859d27abdc77f2a29fa08cb3690628ae13964ad

  • SSDEEP

    1536:tGIP+tj0IaxamasaXaq4noBU66yVZxrkEhjb:QI2d0Ob

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      b4281a2c60ca5184bfd67be61bf110a9_JaffaCakes118

    • Size

      248KB

    • MD5

      b4281a2c60ca5184bfd67be61bf110a9

    • SHA1

      93155e2e29faa53b45bd69f5ef5c4ff047edab59

    • SHA256

      b8e0af626f076a84b498f3c638b5ff0b06d4a821b8ded5bef5282e39ab763aa5

    • SHA512

      9bd1a62b3c7a3056d35b8b4a34e85a4adb109c2fc9adc959c6ddd96e3f9e47ce825b04b847ff4eb6f281b2496859d27abdc77f2a29fa08cb3690628ae13964ad

    • SSDEEP

      1536:tGIP+tj0IaxamasaXaq4noBU66yVZxrkEhjb:QI2d0Ob

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks