General

  • Target

    b4638ca0e7bdb7ef640132a221153fa8_JaffaCakes118

  • Size

    240KB

  • Sample

    240821-v6d9bsverp

  • MD5

    b4638ca0e7bdb7ef640132a221153fa8

  • SHA1

    086670fc261e66c827e5dd8e6bf165304c7c6e4d

  • SHA256

    697e6b509698c8f2d4559308522ee84d3679554be1e9b827a76346a147aa2a06

  • SHA512

    c1c072bd2831fbfc2a67465763ea95f5184127297ba148c8e3d877726b984f1a1c352a80b2d9d65390876c9355fa6033d88462820b987ec9b40517afc49d58d6

  • SSDEEP

    3072:G+KnGGVSJsS2Fwe+w/FWzLRfki6hEuqK+4Y0Bg86ideFqjfC3Ux9qN5:G+KnNSJ8b9eLRfkzhe30B36ideQb

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
