Overview

overview

7

Static

static

3

f085e7cad8...18.exe

windows7-x64

6

f085e7cad8...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    f085e7cad8e0583b5e468a0d0bf9d94d_JaffaCakes118

  • Size

    64KB

  • Sample

    240921-yx5aya1cme

  • MD5

    f085e7cad8e0583b5e468a0d0bf9d94d

  • SHA1

    13b2f42dfdec0282b32f45c0021b8e0fc96b9346

  • SHA256

    c262b569f745581f8d297684284c4b06899b2b873bac6e6047b5428cc1c7bf46

  • SHA512

    92860285c125e310539a9625169a17ddbab4eae181a36c75f6eb29b3949b8f1da82172ea8d2536ac9dd410bad8e2fdfddc4d42abf47359973968ffe5bb2bbf70

  • SSDEEP

    768:wP7H7nMf7F0IlGDtV/2gh+9FypieETnSPagT7wo4cFQUVrENk1V7UIvsi9B2h:e7bnMf7FJwtV/zhk80D3o4cFwkkInI

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      f085e7cad8e0583b5e468a0d0bf9d94d_JaffaCakes118

    • Size

      64KB

    • MD5

      f085e7cad8e0583b5e468a0d0bf9d94d

    • SHA1

      13b2f42dfdec0282b32f45c0021b8e0fc96b9346

    • SHA256

      c262b569f745581f8d297684284c4b06899b2b873bac6e6047b5428cc1c7bf46

    • SHA512

      92860285c125e310539a9625169a17ddbab4eae181a36c75f6eb29b3949b8f1da82172ea8d2536ac9dd410bad8e2fdfddc4d42abf47359973968ffe5bb2bbf70

    • SSDEEP

      768:wP7H7nMf7F0IlGDtV/2gh+9FypieETnSPagT7wo4cFQUVrENk1V7UIvsi9B2h:e7bnMf7FJwtV/zhk80D3o4cFwkkInI

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks