General

  • Target

    0e12a90dd05a529e51b1b9481cd3c8ed_JaffaCakes118

  • Size

    140KB

  • Sample

    241003-fsxq7awejl

  • MD5

    0e12a90dd05a529e51b1b9481cd3c8ed

  • SHA1

    5676e8193bcc9573665895356bd3e2310d3e5851

  • SHA256

    0efe31573fd087a9b95083cddace65d25e5cb4fba96c5b672b9c6ae9a0212eb0

  • SHA512

    ca4d6a7319859f4594a4f538d4145718377133f4340b1098548b0da7adc4fb25904d7d6b5be53d9ae1ef927c6d97bc8358def444daadffec62ea71ba16960032

  • SSDEEP

    1536:ZopaMph+x+s+rBxSXq/fiTvlATmeX4Z4R4H4i4/o9FKs0z2xoetEPnyexeyZiVC+:weczxucz9/tBH3H3O

Malware Config

Targets

    • Target

      0e12a90dd05a529e51b1b9481cd3c8ed_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks