General

  • Target

    d06c11a1689549471d6048414d7554ed_JaffaCakes118

  • Size

    910KB

  • Sample

    240906-zkkansxekh

  • MD5

    d06c11a1689549471d6048414d7554ed

  • SHA1

    75ab4238f17b0c5d5107492f1ba0889edfc0d42e

  • SHA256

    444f4ca4a93c3831d7cdb01083e74d4d38326d4db285f52ac1004b8b08c98930

  • SHA512

    82212de101e83ce6508ed2a1ee381c78e754efacbd5331eaef78d0e8169fc71f4182e0406980e38c30de8d8db3c79a70c3c77cae7efa84dbdff4f5c1536d65c0

  • SSDEEP

    24576:dPLok+BwHsfffffu+3W1uHPffKSi5i2JnZZ9PYvJhCswiVLZNVLCuq4slztve:d8k+BwHsfffffu+3W1uHPffKSi5i2Jnm

Score
7/10

Malware Config

Targets

    • Target

      d06c11a1689549471d6048414d7554ed_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
