Overview

overview

8

Static

static

3

f9d5a48da0...18.exe

windows7-x64

8

f9d5a48da0...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    f9d5a48da07864c89488d6fcac03548a_JaffaCakes118

  • Size

    184KB

  • Sample

    240927-gjhrca1cqe

  • MD5

    f9d5a48da07864c89488d6fcac03548a

  • SHA1

    f83c341f0466791ffaa3c79a8c79aff58776e311

  • SHA256

    94970d094c24e119e193710840fd870b129be2dd56db8e8a86dfe9149d7ecad9

  • SHA512

    63aab11729d4334dac371bcb6a1bee5778217cb7cc39bc701efdb5e81bdb7c514efa38021cdcb9504fa8689323eab8fbd23542b13e2232eaf0fe4bb3fffe6981

  • SSDEEP

    3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3t:/7BSH8zUB+nGESaaRvoB7FJNndnw

Score
8/10
discoveryexecution

Malware Config

Targets

    • Target

      f9d5a48da07864c89488d6fcac03548a_JaffaCakes118

    • Size

      184KB

    • MD5

      f9d5a48da07864c89488d6fcac03548a

    • SHA1

      f83c341f0466791ffaa3c79a8c79aff58776e311

    • SHA256

      94970d094c24e119e193710840fd870b129be2dd56db8e8a86dfe9149d7ecad9

    • SHA512

      63aab11729d4334dac371bcb6a1bee5778217cb7cc39bc701efdb5e81bdb7c514efa38021cdcb9504fa8689323eab8fbd23542b13e2232eaf0fe4bb3fffe6981

    • SSDEEP

      3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3t:/7BSH8zUB+nGESaaRvoB7FJNndnw

    Score
    8/10
    discoveryexecution

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks