Overview

overview

8

Static

static

1

b4c1769130...18.dll

windows7-x64

8

b4c1769130...18.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b4c1769130661d0bdfd97da5cdc48dfd_JaffaCakes118

  • Size

    678KB

  • Sample

    240821-x99whszgnp

  • MD5

    b4c1769130661d0bdfd97da5cdc48dfd

  • SHA1

    9efbce6293ac36086ad53acf375c5ed1a857f01b

  • SHA256

    7bd032519786e19b7da359d254da990a5734298bbea584a42bd7c0713b005a77

  • SHA512

    9b04704cc1e0b6625baeae10196d5d63665bec6829291300db59b92b5a67803f452a5e4346b3a5fd39732e7419acf3426aef7898c0039cf577ef08270f8e1f12

  • SSDEEP

    12288:a4hUaFty+yr+Ts4e3kmYn0YaAsPko8dhM5wzTrr5v3Q2KWHQR:abaFty+yr+Ts4e3kmYn0YaAsB+M5STru

Score
8/10
defense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      b4c1769130661d0bdfd97da5cdc48dfd_JaffaCakes118

    • Size

      678KB

    • MD5

      b4c1769130661d0bdfd97da5cdc48dfd

    • SHA1

      9efbce6293ac36086ad53acf375c5ed1a857f01b

    • SHA256

      7bd032519786e19b7da359d254da990a5734298bbea584a42bd7c0713b005a77

    • SHA512

      9b04704cc1e0b6625baeae10196d5d63665bec6829291300db59b92b5a67803f452a5e4346b3a5fd39732e7419acf3426aef7898c0039cf577ef08270f8e1f12

    • SSDEEP

      12288:a4hUaFty+yr+Ts4e3kmYn0YaAsPko8dhM5wzTrr5v3Q2KWHQR:abaFty+yr+Ts4e3kmYn0YaAsB+M5STru

    Score
    8/10
    defense_evasiondiscoverypersistence

    • Server Software Component: Terminal Services DLL

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks