General

  • Target

    daebb23792d87a67e2a1ad85710b913a_JaffaCakes118

  • Size

    649KB

  • Sample

    240911-wkztksvajq

  • MD5

    daebb23792d87a67e2a1ad85710b913a

  • SHA1

    5ffaadb334a784fc3f7c316e50b2499af1776e95

  • SHA256

    a48496929e6a11fe1dba758b57eacf2004ed3cceb4c396ae0ea8bfb9f2a99d87

  • SHA512

    1bb4a6e6486aa0b6d12e276fd9cf1e800367c6bf872c38e22b1a9fbb06eed5a911dd3ff66781badcb3f77e16126d93e7df1943531e161580a19918b9cf2002e9

  • SSDEEP

    6144:IDdmX70uaCqjACW7DP61jYcUC57X/yS4rZlB7H+g/32:IDdkd3OACUDP61jYchaS4rdHF32

Targets

    • Target

      daebb23792d87a67e2a1ad85710b913a_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
