General

  • Target

    cf2378e2b28298d8b7e97c37ecc34653_JaffaCakes118

  • Size

    159KB

  • Sample

    240906-km1ccaxcje

  • MD5

    cf2378e2b28298d8b7e97c37ecc34653

  • SHA1

    711ba34e26b8d2381d297135562553f5278be01c

  • SHA256

    15f0dc0ddc13be9f852c23c48ac69109de3497716af03f52504e6f855ddf68ac

  • SHA512

    3beefee2f996ad95f56f6683eb478077b8b37425b612cf059c5090ef29fc550e0bd2a60dd02757153805f8f01bc52308628854deb8f7452e5edabe3f426a7288

  • SSDEEP

    3072:x7cWbZ6wMfi+dIyy9Fcosa2dlt6rI1UpKQ2drdC5ACPRUjPououtu:xFFmiJ/coshYU1E2veAMR8wuoSu

Score
7/10

Malware Config

Targets

    • Target

      cf2378e2b28298d8b7e97c37ecc34653_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
