General

  • Target

    da74493f8fad6f50e18ae78950999395_JaffaCakes118

  • Size

    24KB

  • Sample

    240911-qtx4fstclg

  • MD5

    da74493f8fad6f50e18ae78950999395

  • SHA1

    85e415894ab322ebad4adc1b5fca03b8b2dcbf4f

  • SHA256

    1905f7af8e0abd07833d26f83e85545db7d1503b30562b1de7a31ce27d617206

  • SHA512

    5792b32854d9d01ab67ae95138438cc1cf64d9c879c45d2e4e52e1d0fdca12bcd6480b33fc860b79e11dd83d30e73ddb19f1909a6c18287072a1c5a63a423e8c

  • SSDEEP

    384:PezFlezFH3IUIuzcgcAepKLxvQZuF2LJbEUzNvFCqShvJaodJBDjw2pjBggfKZSv:Wz6zeozFiAxvQZuGJbEkFERhw2FXfVv

Targets

    • Target

      da74493f8fad6f50e18ae78950999395_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
