General

  • Target

    cce85c20b904b48ecce56f1e969dcf80_JaffaCakes118

  • Size

    725KB

  • Sample

    240831-qzzt8swfnk

  • MD5

    cce85c20b904b48ecce56f1e969dcf80

  • SHA1

    1a6d9a342ba4f259b3a14523d139b39c87091bac

  • SHA256

    2d1bdf894e558865433c1c8c288887fb9fd0604c0ffc82fe7b623637043c733e

  • SHA512

    51e450f60c9c15bb8e2a9497ed735ed94d5451a767bf4659d9adcd650c8a6a52283b6e2b9355e99765ecff62bd6b38cf441c8b65aa97693a82e68ac84b3f0831

  • SSDEEP

    6144:8pRY0JvIB0GMJAqgYJ91P4oV9yplVZNynvq8MBryjgJS9RXZkCr/lNHhKM/QQ8:Gtxk0eqz1Pn9ynVSn0B2jOylNHhKi

Score
7/10

Malware Config

Targets

    • Target

      cce85c20b904b48ecce56f1e969dcf80_JaffaCakes118

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
