Overview

overview

8

Static

static

3

d17dd5050c...18.exe

windows7-x64

8

d17dd5050c...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d17dd5050c9a4eec4903767376829500_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240907-kamwgsvbne

  • MD5

    d17dd5050c9a4eec4903767376829500

  • SHA1

    0b6599d18ffda4baa21f4bc09ae9e168d9eee802

  • SHA256

    2b64e39e9ab434dd665ac078b8626f093af9933d051972099f0a9599da1c5f26

  • SHA512

    45239813b612f821bb2491511fdeb77cd566851857c5dbf6f90191fe4a864eb5f23960f5a2b8c3f23ab01a50064e03a5b3e4409fe876306d8453f60a9b8c3476

  • SSDEEP

    24576:EInXgjK/K6dipju3/YQX24Fu+WqAH2k8bQpZrdETYl+nfTQxij6IbIcL:EINSRjuA02J0zbQLrdEi+nfTQxijnpL

Score
8/10
discoveryevasionexecution

Malware Config

Targets

    • Target

      d17dd5050c9a4eec4903767376829500_JaffaCakes118

    • Size

      1.5MB

    • MD5

      d17dd5050c9a4eec4903767376829500

    • SHA1

      0b6599d18ffda4baa21f4bc09ae9e168d9eee802

    • SHA256

      2b64e39e9ab434dd665ac078b8626f093af9933d051972099f0a9599da1c5f26

    • SHA512

      45239813b612f821bb2491511fdeb77cd566851857c5dbf6f90191fe4a864eb5f23960f5a2b8c3f23ab01a50064e03a5b3e4409fe876306d8453f60a9b8c3476

    • SSDEEP

      24576:EInXgjK/K6dipju3/YQX24Fu+WqAH2k8bQpZrdETYl+nfTQxij6IbIcL:EINSRjuA02J0zbQLrdEi+nfTQxijnpL

    Score
    8/10
    discoveryevasionexecution

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Stops running service(s)

      evasionexecution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks