Overview

overview

10

Static

static

3

bb6193012c...18.exe

windows7-x64

10

bb6193012c...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    bb6193012cbb778a7f50179459827929_JaffaCakes118

  • Size

    9.3MB

  • Sample

    240823-mm9bcsygle

  • MD5

    bb6193012cbb778a7f50179459827929

  • SHA1

    403a943e2924fbcd7da71de674cf75e83048c5df

  • SHA256

    97b7f4befd9c908ab3ba2aa80d5b64ec6468d740add89c6dae8b9b089e8b2abd

  • SHA512

    3be40208819c4f2f86eaf4fba8ec10c9f6f07b101da848f636c048dd71bb9e73d6edc8d5d367451fc5bb287e573e6af567b0da78030a7caa3f6a45b84d9b3a14

  • SSDEEP

    3072:X/NvCCDFcKR1px064LZui6fAMyDdnewv/Yb:laCBc61px0652MIewvQb

Score
10/10
defense_evasiondiscoverypersistenceupx

Malware Config

Targets

    • Target

      bb6193012cbb778a7f50179459827929_JaffaCakes118

    • Size

      9.3MB

    • MD5

      bb6193012cbb778a7f50179459827929

    • SHA1

      403a943e2924fbcd7da71de674cf75e83048c5df

    • SHA256

      97b7f4befd9c908ab3ba2aa80d5b64ec6468d740add89c6dae8b9b089e8b2abd

    • SHA512

      3be40208819c4f2f86eaf4fba8ec10c9f6f07b101da848f636c048dd71bb9e73d6edc8d5d367451fc5bb287e573e6af567b0da78030a7caa3f6a45b84d9b3a14

    • SSDEEP

      3072:X/NvCCDFcKR1px064LZui6fAMyDdnewv/Yb:laCBc61px0652MIewvQb

    Score
    10/10
    defense_evasiondiscoverypersistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Hide Artifacts: Hidden Files and Directories

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks