General

  • Target

    eaa9123b8339467296c5eb414eb3f2a2_JaffaCakes118

  • Size

    116KB

  • Sample

    240919-f1xq6asflg

  • MD5

    eaa9123b8339467296c5eb414eb3f2a2

  • SHA1

    48c67b5525e7e9c76af9598bf1f8435a6e8a247a

  • SHA256

    619850966aeeb29f63a25efe60fbb2ae76ac506e1eb92a63c7e09635df48c3cd

  • SHA512

    f3dfd6506c358fb91da5746c041212e067f13eb34fec7b33c99d03bafab1859c998dc8b96cad2ca8b78c340934553a3b3830cb6860411f0d9d8f5a45de67857f

  • SSDEEP

    1536:f5JghTZdSg3Ojs8koyAFx57YjHzZ5oFDOukt5ycQg:xCHog+jMLdjHzboUuyLX

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
