General

  • Target

    e1c6d7db984b460b59b564333e0596ae_JaffaCakes118

  • Size

    35KB

  • Sample

    240915-f1jvasxfmk

  • MD5

    e1c6d7db984b460b59b564333e0596ae

  • SHA1

    cd98702154928659db7aced67c97da8338b7a851

  • SHA256

    1568b4ff4ef1fa7e04b845a9931106c7715d2da7f6e92018bf10189137c0f833

  • SHA512

    755e9d548761af3ae19299d0c0ee1f7b0e178d0db905585c589c10b6375c30ac31ffebf30ea551d6fcda18c41537503fac64759fb0b051e8f1c5d7447e53099e

  • SSDEEP

    768:7lIGpJ3bZy1SAP6Cb2ye/w4UbDN3jKgUjIjQ0+GtmZuAZonJMl2:5xJLY1SAyQ2yGwRzhIGtvJP

Score
7/10

Targets

    • Target

      e1c6d7db984b460b59b564333e0596ae_JaffaCakes118

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Suspicious use of SetThreadContext
