Overview

overview

7

Static

static

3

ef906bafe8...18.exe

windows7-x64

ef906bafe8...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    ef906bafe8e971fe0d7244e646296ba9_JaffaCakes118

  • Size

    58KB

  • Sample

    240921-l52tkaxajn

  • MD5

    ef906bafe8e971fe0d7244e646296ba9

  • SHA1

    60d3a6ec8a4a519094b01b2164021887a55edf06

  • SHA256

    0cbe9fee64d4a347a1747fa7b388cf0eb4b5c60f46acb83506849f627d7c12c7

  • SHA512

    52ee34df938b13789c10ffcbd3a26484b30f6381ef7e3f9ee5d216d67eb15e1d58f4e737ca3adb876d7f4a4fa1735454724405c2dc90d3e8ab407d03a053c1b4

  • SSDEEP

    1536:L1AJm76YaRO5Ron8VAPj8iPxV+1o87pGeFncaQl5x:cXkRW8aCGX

Score
7/10
defense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      ef906bafe8e971fe0d7244e646296ba9_JaffaCakes118

    • Size

      58KB

    • MD5

      ef906bafe8e971fe0d7244e646296ba9

    • SHA1

      60d3a6ec8a4a519094b01b2164021887a55edf06

    • SHA256

      0cbe9fee64d4a347a1747fa7b388cf0eb4b5c60f46acb83506849f627d7c12c7

    • SHA512

      52ee34df938b13789c10ffcbd3a26484b30f6381ef7e3f9ee5d216d67eb15e1d58f4e737ca3adb876d7f4a4fa1735454724405c2dc90d3e8ab407d03a053c1b4

    • SSDEEP

      1536:L1AJm76YaRO5Ron8VAPj8iPxV+1o87pGeFncaQl5x:cXkRW8aCGX

    Score
    7/10
    defense_evasiondiscoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks