Overview

overview

7

Static

static

3

fee0cf8b5f...18.exe

windows7-x64

7

fee0cf8b5f...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    fee0cf8b5f5718349a315107b888dd07_JaffaCakes118

  • Size

    217KB

  • Sample

    240929-tj1ndatgph

  • MD5

    fee0cf8b5f5718349a315107b888dd07

  • SHA1

    ba664741049f68bb1a2ad94dc563a6900cba5b0c

  • SHA256

    ddf6b3e3016c7bac7a0084029437bdd26e13c9decaafaed3b4129c424e2f6edd

  • SHA512

    a28a962cfd9e911174a00e805282e2a61c1ecbcc5c43f8a428b4fd72c382bebd942beeb00c9d02ea3e40b7c1ad8c6fb1373239805d4048e42b0b5e1ea65797af

  • SSDEEP

    3072:EDK4uehiqiXNHnHm0I/2b3rAHfITjIJxMRcSX2jGJq/04mPT4wDU4XtM4h9BZgIV:MK4uehiqYH3D3LOSyGRVPT4QXXveDlf0

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      fee0cf8b5f5718349a315107b888dd07_JaffaCakes118

    • Size

      217KB

    • MD5

      fee0cf8b5f5718349a315107b888dd07

    • SHA1

      ba664741049f68bb1a2ad94dc563a6900cba5b0c

    • SHA256

      ddf6b3e3016c7bac7a0084029437bdd26e13c9decaafaed3b4129c424e2f6edd

    • SHA512

      a28a962cfd9e911174a00e805282e2a61c1ecbcc5c43f8a428b4fd72c382bebd942beeb00c9d02ea3e40b7c1ad8c6fb1373239805d4048e42b0b5e1ea65797af

    • SSDEEP

      3072:EDK4uehiqiXNHnHm0I/2b3rAHfITjIJxMRcSX2jGJq/04mPT4wDU4XtM4h9BZgIV:MK4uehiqYH3D3LOSyGRVPT4QXXveDlf0

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks