Overview

overview

7

Static

static

3

1020e1ed0a...18.exe

windows7-x64

7

1020e1ed0a...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    1020e1ed0af1b64071f1c391b9a0523c_JaffaCakes118

  • Size

    19KB

  • Sample

    241003-xgw4ys1cml

  • MD5

    1020e1ed0af1b64071f1c391b9a0523c

  • SHA1

    68791dbf18727d6f61fea2d3353d4a6f7424f5ea

  • SHA256

    de430971ac7d9fc3d57e80c806b3a9ac23447f841b4c119e1817946787c114ee

  • SHA512

    f8629cc17fd800a0ea4c56d6249296d8dc8370483ab5b93bee58f6308e63423de0c1d87da05d599f1e18199106e76cd04d82c352ec4d71bbaa900e561ee14a5f

  • SSDEEP

    384:rtzP2Apnh4r3eu7u/JxFHlYK/1Jd8kiWw9tdSR9xcZQOKTo5WAIxFx:ZzPppneruXJx1yK/1MswvdSNhOiow3x

Score
7/10
defense_evasiondiscovery

Malware Config

Targets

    • Target

      1020e1ed0af1b64071f1c391b9a0523c_JaffaCakes118

    • Size

      19KB

    • MD5

      1020e1ed0af1b64071f1c391b9a0523c

    • SHA1

      68791dbf18727d6f61fea2d3353d4a6f7424f5ea

    • SHA256

      de430971ac7d9fc3d57e80c806b3a9ac23447f841b4c119e1817946787c114ee

    • SHA512

      f8629cc17fd800a0ea4c56d6249296d8dc8370483ab5b93bee58f6308e63423de0c1d87da05d599f1e18199106e76cd04d82c352ec4d71bbaa900e561ee14a5f

    • SSDEEP

      384:rtzP2Apnh4r3eu7u/JxFHlYK/1Jd8kiWw9tdSR9xcZQOKTo5WAIxFx:ZzPppneruXJx1yK/1MswvdSNhOiow3x

    Score
    7/10
    defense_evasiondiscovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks