General

  • Target

    ee196948240f1a0b6c6cedc1a5b0d64a_JaffaCakes118

  • Size

    180KB

  • Sample

    240920-v6l9yaycra

  • MD5

    ee196948240f1a0b6c6cedc1a5b0d64a

  • SHA1

    d38eaa3ebb182f24f35e3efa84249a143160bb89

  • SHA256

    7460c7d0c85681926119abb29b331ef6dca33493b41f3fc8d3a14f6a0a6c660f

  • SHA512

    5396298d5aaabcdb9050e8788d8a1637eeab120c434ce178b2b418e724b7ae14a3b5e8781df3be4a331f7e8cf7a710f7e1396f2f6db945a2b1b7769bd4fe88a8

  • SSDEEP

    1536:MK/uw99C4YUUTq2Q/hZx7vkrkx/xBEWcYz:Tdcrkx/xHcY

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
