General

  • Target

    f4efdc3802fab8a2f3d212f32004caff_JaffaCakes118

  • Size

    284KB

  • Sample

    240925-cjnv5s1gme

  • MD5

    f4efdc3802fab8a2f3d212f32004caff

  • SHA1

    c80eb2de1c01e40da6f964920209cded8ab40f32

  • SHA256

    64a7f0745016b0e56a35058423809b8d7078d535421dfdf2d8ca2c05980758d3

  • SHA512

    3b23393cd2a4cea463d284266e7d422ce9e61d7e52b8ec5c0042e5b93b99d781a299a4a91b34a0bb16182a399280b8f6d643c930fc37d3507402cf3e4d34de48

  • SSDEEP

    6144:5Mrv2ZWb+erGHwisJQ6x0Q6n2dLKU+AHBqkYoV3:oJ+tQ26x0Q62dGAR3

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

    • Checks for any installed AV software in registry

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks