General

  • Target

    14f5f6f8da79e1eb2d347ce7bf178a79_JaffaCakes118

  • Size

    727KB

  • Sample

    241004-z7yfta1fra

  • MD5

    14f5f6f8da79e1eb2d347ce7bf178a79

  • SHA1

    5bcb12bf9727b95f586a9acb73302c66b342a330

  • SHA256

    9aee834ce65998e4770dba38e9e5589628ca7603a94568ee17df0cf3b43f1d0b

  • SHA512

    f27ef555be62aa7b8a405923e49070fdfb99ad1ee338ab1cb71086f03b6b3b33b83ca55dbd735ec0060e5f330d4b61b4aa7a52e860df9141f6697e9a5da40892

  • SSDEEP

    12288:KK2mhAMJ/cPlJyhfDnu/7Cl0iW9nBdgvmFyN58h7UZYE82Y5UKUL4n4y3Xp3SbSm:72O/GlEhfjuuOi0n3g47g6zwm4m53Sbv

Score
7/10

Targets

    • Target

      14f5f6f8da79e1eb2d347ce7bf178a79_JaffaCakes118

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
