General

  • Target

    dd6290422f7dec38ab5227767d3e5696_JaffaCakes118

  • Size

    37KB

  • Sample

    240913-bkjgdawbpr

  • MD5

    dd6290422f7dec38ab5227767d3e5696

  • SHA1

    357386ecf57a286849a21773a6023b8b79d9da06

  • SHA256

    14b7d015f0c5e46063164bd7a472029f934b0f3d6de81b63c2c92dff6ccab1b3

  • SHA512

    05b0bd562b2aa65faa792339e8f61b634578624bfaf26e2d96f630031f0b08d06967e0667506702ddbdcabedcac37b6250ca1cf7e8f5d71b6389329e6fa95316

  • SSDEEP

    768:FVzEq+aJe1mgawzxsUNCub8PC1jIHxATVGuQyqiS9TtIwLNVb7IpOJ:FR1+aJe1mgawzxsBub8PC1jIHxATVGDJ

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
