General

  • Target

    ff0ed00de7eadd4f2289c76079dc9f5c_JaffaCakes118

  • Size

    287KB

  • Sample

    240929-we9rlaxenf

  • MD5

    ff0ed00de7eadd4f2289c76079dc9f5c

  • SHA1

    30a4d26a06ba181d331c8689e4653b744a41ed39

  • SHA256

    0c041e2061321a76988b153f7481218b9ad2f6344d77e2c56dc9d9f00f0b6c38

  • SHA512

    78a1d92a2c28670250b6786f4b417995842b1b023d7abad073f11f9715ad8b4d33fb38b61c4f274a21aff1129b3ae02003b3945c1cf5dbd3c3beba582d520517

  • SSDEEP

    6144:Go1FIFXMCrFP3PAANM5IaE1pqcNKKP9rWrPUypGDbkGkSJlEbh2pCuv:zc5h/AAu5ITpqcNEL8bYSJlEbh2z

Targets

    • Target

      ff0ed00de7eadd4f2289c76079dc9f5c_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
