Overview

overview

10

Static

static

10

ba354513af...18.exe

windows7-x64

7

ba354513af...18.exe

windows10-2004-x64

7

201153135239.exe

windows7-x64

7

201153135239.exe

windows10-2004-x64

7

20115313521.exe

windows7-x64

6

20115313521.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ba354513afa7cae49af7abc0e45edb81_JaffaCakes118

  • Size

    181KB

  • Sample

    240823-d6341stbrc

  • MD5

    ba354513afa7cae49af7abc0e45edb81

  • SHA1

    4bd3d3e0d307fe9ac464863c5a1e46fe12cd9107

  • SHA256

    7051da80391e77ace90b194f73ecce7ce0daceaf02d3d84094e45131ad658062

  • SHA512

    4367d41e7ee20fa1ddfac771affc8f44473199590e139654bebe5d38718a7889bbab2abec8e5021dbb85ed86f70201136910eab8344600fa2149127275ea8ecd

  • SSDEEP

    3072:ALk395hYXJsDjSUxWbayCLef2s583SutridTtT+K0vkEllFwIYD9SICj4ft:AQqCjSlbfCCus58CupidTt/0MEllFw7h

Score
10/10
gh0stratdiscoverypersistence

Malware Config

Targets

    • Target

      ba354513afa7cae49af7abc0e45edb81_JaffaCakes118

    • Size

      181KB

    • MD5

      ba354513afa7cae49af7abc0e45edb81

    • SHA1

      4bd3d3e0d307fe9ac464863c5a1e46fe12cd9107

    • SHA256

      7051da80391e77ace90b194f73ecce7ce0daceaf02d3d84094e45131ad658062

    • SHA512

      4367d41e7ee20fa1ddfac771affc8f44473199590e139654bebe5d38718a7889bbab2abec8e5021dbb85ed86f70201136910eab8344600fa2149127275ea8ecd

    • SSDEEP

      3072:ALk395hYXJsDjSUxWbayCLef2s583SutridTtT+K0vkEllFwIYD9SICj4ft:AQqCjSlbfCCus58CupidTt/0MEllFw7h

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

    • Target

      201153135239.exe

    • Size

      25.2MB

    • MD5

      57f0f15ef829fa03fecf784d5c658bae

    • SHA1

      1d86700c8c555df352c2922d02da686825525c00

    • SHA256

      ddb52e15b7891d1aded1312934d2e6f620c08e1f0e0da77ab3b68343daef7560

    • SHA512

      22fa2b29066c2a638f393cb2f99316f3786351c805a6bc3a41f2cc8b5ba681954167ba08cb4d5930fc8e5caf4c70ceadbfdd092e0511a568abb47466acbb526b

    • SSDEEP

      3072:ALk395hYXJS1VNR0FtDZU4JPK76fcqIVw4Z8KZSrXC4VQipg2vub:AQqY30Fn9PdcqIVwE8Wxidub

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral3behavioral4

    • Target

      20115313521.exe

    • Size

      100.2MB

    • MD5

      8c37a0a9621cae6781bfd3c408400682

    • SHA1

      6768b9f64c2f95c51870b77a9679519b6fd12cd7

    • SHA256

      d868c3d258b1deded5ac76ceccd859b3f7d088d1b2bc6e0b8db813aec30a460e

    • SHA512

      e7331e9fc56ba2a30a7ee28093048d2e50143a9f6f7130d0fba18919df7e52bb67ce1cbc4f5a24950d65e0e57d404e421889240765c67815abcae46f7b8c9f44

    • SSDEEP

      3072:CTeTY1km5WBqwP3fspQ/Xz7iasXHyC/hX6Axv3yUt7LEwNj8BPOI5s8DxOA:CiTtiWB0mL7teJ5Vp3yO5N4G74

    Score
    6/10
    discoverypersistence
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks