General

  • Target

    fea77c090ec7b99389bac2d303a65c89_JaffaCakes118

  • Size

    8KB

  • Sample

    240929-q23c5szejb

  • MD5

    fea77c090ec7b99389bac2d303a65c89

  • SHA1

    12a95751ba64d051b22043c8c4fc73e8ada08398

  • SHA256

    629b372151bb4d904de33244a5452d76d9d427847c2b287cc6d6f9c9554b81ad

  • SHA512

    8c3ef427880bd05885069349bdf67d3ff540b20a95d13ecbf7d4dacc3d0d88bdd3eb216aba520f0e9fc5bb11e5d5c0d91214692a2a53eeefe59a27bf135e6dc1

  • SSDEEP

    96:ziqFuUZ5AOPawy5/gKATMpxfNy2OM3uwMh/eB1eJj5l5rh4pi6fINYaqkGObt4Z:WqB/Aaby5/gApxlPNLaVdh4YtJJtbY

Targets

    • Target

      fea77c090ec7b99389bac2d303a65c89_JaffaCakes118

    • Size

      8KB

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
