Overview

overview

7

Static

static

3

f6bcda3158...18.exe

windows7-x64

6

f6bcda3158...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    f6bcda3158de325660710f0e3d7b950a_JaffaCakes118

  • Size

    64KB

  • Sample

    240925-yg26msthmk

  • MD5

    f6bcda3158de325660710f0e3d7b950a

  • SHA1

    fb3bccb8a0015c1a4503afefaec288a4a7fa968c

  • SHA256

    8c35aaf7043b5a6e29c96e48877afb8f055b558650d9120ee922cf245732b138

  • SHA512

    f5bd2f7e1e5c4a46e15e35a1eb03bf12d63b8a33c82359225954d2bcf756e59736a40296b2eac14367b3ec9a558343b7fb3eb402831ebcefa269a036d8db201c

  • SSDEEP

    768:LVh3DVlvqMb9EGDtvN7ES5VNvXNGlmQtLD6W7qptyybbJE1C0csF4RY:zDVlvqMqwtvNI8NvdGAGLD6OqpTmC0eq

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      f6bcda3158de325660710f0e3d7b950a_JaffaCakes118

    • Size

      64KB

    • MD5

      f6bcda3158de325660710f0e3d7b950a

    • SHA1

      fb3bccb8a0015c1a4503afefaec288a4a7fa968c

    • SHA256

      8c35aaf7043b5a6e29c96e48877afb8f055b558650d9120ee922cf245732b138

    • SHA512

      f5bd2f7e1e5c4a46e15e35a1eb03bf12d63b8a33c82359225954d2bcf756e59736a40296b2eac14367b3ec9a558343b7fb3eb402831ebcefa269a036d8db201c

    • SSDEEP

      768:LVh3DVlvqMb9EGDtvN7ES5VNvXNGlmQtLD6W7qptyybbJE1C0csF4RY:zDVlvqMqwtvNI8NvdGAGLD6OqpTmC0eq

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks