Overview

overview

7

Static

static

3

ea875094ad...18.exe

windows7-x64

7

ea875094ad...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea875094ad1c48681bfb09c8eeb99447_JaffaCakes118

  • Size

    1.7MB

  • Sample

    240919-ecl43szcqm

  • MD5

    ea875094ad1c48681bfb09c8eeb99447

  • SHA1

    4855c721d1e8a3df7a53d8c8ce586b76595d4191

  • SHA256

    c44f01a0f0bc20de32bc3b2d4a42f37eebac5e83d627f16a34ed1eaeb193fef6

  • SHA512

    1aaa9d36cf19b53eac480b88bbd49ea9ac0f054dd3e90324ca7ed3fd9dc96697cc4fc9ed932f9c518a797a8f5294e64eda1aae169489b1d9b9d21d8b2b06e7a8

  • SSDEEP

    24576:eMFYGY9+9d/G7P9lkQ/exnzGn4dLsUvqkaT+0BpCCh+PDedNdUhZuIBWc7AXc:KN26FOnzGn6LJvqkwnpC+mWd6uIcc7h

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      ea875094ad1c48681bfb09c8eeb99447_JaffaCakes118

    • Size

      1.7MB

    • MD5

      ea875094ad1c48681bfb09c8eeb99447

    • SHA1

      4855c721d1e8a3df7a53d8c8ce586b76595d4191

    • SHA256

      c44f01a0f0bc20de32bc3b2d4a42f37eebac5e83d627f16a34ed1eaeb193fef6

    • SHA512

      1aaa9d36cf19b53eac480b88bbd49ea9ac0f054dd3e90324ca7ed3fd9dc96697cc4fc9ed932f9c518a797a8f5294e64eda1aae169489b1d9b9d21d8b2b06e7a8

    • SSDEEP

      24576:eMFYGY9+9d/G7P9lkQ/exnzGn4dLsUvqkaT+0BpCCh+PDedNdUhZuIBWc7AXc:KN26FOnzGn6LJvqkwnpC+mWd6uIcc7h

    Score
    7/10
    discoveryupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks