General

  • Target

    faeb26744b1cb5f64742a8f185a38ce2_JaffaCakes118

  • Size

    464KB

  • Sample

    240927-z3llfszdrk

  • MD5

    faeb26744b1cb5f64742a8f185a38ce2

  • SHA1

    9508ea68bbeaf795bf966a961e31d1f1cef65b58

  • SHA256

    85a53ef19fc577f068a45d0644504f9d4abfa4758c8c2bcc1decb9778e2ee93b

  • SHA512

    eb884f10935d8813cb57ccec3d98dc371c90d3be7f1e7fe41d255d42cb9337b8f2be68e8f0cdf179c064213354b9fcf39d42292c2dca17b546295a4ff1f9b305

  • SSDEEP

    12288:OR/sr13bpmuCxOVdyD0O6NO/q0j/k0FpKsD+6Z:ocxpmuCxnDWNO/fj/k6K/6

Malware Config

Targets

    • Target

      faeb26744b1cb5f64742a8f185a38ce2_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

MITRE ATT&CK Enterprise v15

Tasks