General

  • Target

    fe22bb89c75e89e05c334ca5d9540037_JaffaCakes118

  • Size

    520KB

  • Sample

    240929-kb5spayfme

  • MD5

    fe22bb89c75e89e05c334ca5d9540037

  • SHA1

    6a4bd87d097b403a04a9efe94dbcd0b6f952dc64

  • SHA256

    a7d940d6b519679011dce08355e606de1c97a4785eb87e131c0e3dbce2ae177b

  • SHA512

    8b1760bdd57cfa97f91b0090f27cea6eaa6a9d8060e9cdf01210869a14bc6f9f1078f80f732317b5a148b04e45e83d35dd49bc56b7ca75722faef8474f305df5

  • SSDEEP

    12288:36YL7MJh/fv0aher/Pn9AnCqj1xbdNgW:K6U30F/PqCq5N

Score
8/10

Targets

    • Target

      fe22bb89c75e89e05c334ca5d9540037_JaffaCakes118

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext
