General

  • Target

    ee34cfac14c1b2be0037921521380595_JaffaCakes118

  • Size

    228KB

  • Sample

    240920-xczz2s1gnb

  • MD5

    ee34cfac14c1b2be0037921521380595

  • SHA1

    7742a930af72717a9cc6999ceb0097377894b210

  • SHA256

    3d0e52e1010f665a5c4d4fbdd1732b8218a96e67b6427febd693d003a203d9e7

  • SHA512

    0a934b866f7155e81c02ad00cec09ffd391d8a92d50b424b0c8d53cf20bbfc611b87aea8ffed9870b891c9b2ae235c07a90cd2f58bc8d1424984a6d532a4f040

  • SSDEEP

    6144:+EdlN3PFKs7aaOKW8alhrEqxF6snji81RUinKGHgDaSK:+EbZPhvENPH6ab

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
