General

  • Target

    ecd225883d7d08889c557de09a3f7421_JaffaCakes118

  • Size

    531KB

  • Sample

    240920-etc8haydjq

  • MD5

    ecd225883d7d08889c557de09a3f7421

  • SHA1

    cb7ab11bdeaf4387b5e3d3e0785c1a0a8e8213ca

  • SHA256

    72d15d14ebd4ab4c6df841e6c1cf19a8b7cd90d41161dd78bd5af84196d3c7b8

  • SHA512

    4b92c774c48f5215a3ba4a7571dc1ab7a57a85984b6c16a4f60d6d35901a89b42b436cf2e8a36e4623c7b06f352aadc4f790dbd4f934804da268a2239c669150

  • SSDEEP

    12288:G93Wr+LO1WiZWU0di4dBeF3Z4mxxaoEtlK+kt9T2MryYEJL7:GlWr+LTiZWUkiQeQmXzGuyY+L7

Score
10/10

Targets

    • Target

      ecd225883d7d08889c557de09a3f7421_JaffaCakes118

    Score
    10/10
    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Network Share Discovery

      Attempt to gather information on host network.
