General

  • Target

    24ef9c53fe9463effb8f45104742961a_JaffaCakes118

  • Size

    1.5MB

  • Sample

    241008-y5nm6awgmc

  • MD5

    24ef9c53fe9463effb8f45104742961a

  • SHA1

    1fa4dc4b76966d10414ec0a337804ca5b2dc2560

  • SHA256

    02b11daa65ab8b8fe8dd68d4cecc0f49f5360c05894ffe827a9a79c5331472cd

  • SHA512

    a76a36b91b4afe6b6d338de59e752cf59809872db53bef9812cde7550d0f9f12f823eac224080f4efa03f827c74679d979a44093a053871408b2b074f0229afe

  • SSDEEP

    24576:T7yryGw6Thq1kWn9+5eUMmz001Q0y7hr1SF9ONsclyrO:vyrtlq1/M5ed01der1SF9OpyrO
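
Before analysing a copy of this sample, confirm that the file in hand is the one the report describes. The following script is an added example (not part of the report or the sandbox's tooling) that recomputes the four digests listed above and compares them against the report's values; the file path argument and the script name are assumptions for illustration. SSDEEP is not checked because it needs a fuzzy-hash library and an exact-digest mismatch already settles the question.

```python
import hashlib
import sys

# Digests copied from this report's General section for
# 24ef9c53fe9463effb8f45104742961a_JaffaCakes118.
REPORT_HASHES = {
    "md5": "24ef9c53fe9463effb8f45104742961a",
    "sha1": "1fa4dc4b76966d10414ec0a337804ca5b2dc2560",
    "sha256": "02b11daa65ab8b8fe8dd68d4cecc0f49f5360c05894ffe827a9a79c5331472cd",
    "sha512": "a76a36b91b4afe6b6d338de59e752cf59809872db53bef9812cde7550d0f9f12f823eac224080f4efa03f827c74679d979a44093a053871408b2b074f0229afe",
}


def _normalize(hexdigest: str) -> str:
    # Report hashes are often pasted with surrounding whitespace or in upper case.
    return hexdigest.strip().lower()


def digest_all(data: bytes, names=tuple(REPORT_HASHES)) -> dict:
    """Compute the listed digests of an in-memory buffer, lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in names}


def verify_sample(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm match result against the expected digests."""
    got = digest_all(data, tuple(expected))
    return {name: got[name] == _normalize(value) for name, value in expected.items()}


def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only when every listed digest matches. One mismatch means the
    file in hand is not the one the report describes (truncated download,
    re-packed variant, or a different file entirely)."""
    return all(verify_sample(data, expected).values())


def verify_file(path: str, expected: dict = REPORT_HASHES, chunk: int = 1 << 20) -> dict:
    """Streaming variant for on-disk samples, so large files are not read whole."""
    hashers = {name: hashlib.new(name) for name in expected}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: hashers[name].hexdigest() == _normalize(value)
            for name, value in expected.items()}


if __name__ == "__main__":
    if len(sys.argv) != 2:
        print("usage: verify_sample.py <file>", file=sys.stderr)
        sys.exit(2)
    result = verify_file(sys.argv[1])
    for name, ok in result.items():
        print(f"{name:6s} {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if all(result.values()) else 1)
```

Run it against the downloaded sample; a non-zero exit means at least one digest differs, and the analysis below should not be assumed to apply to that file.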

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check: malware that avoids particular countries reads the configured locale and exits or stays dormant when it matches an exclusion list.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      Persistence: a Run registry key relaunches the application at user logon.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

      Calling SetThreadContext on another process's thread is the final step of classic process hollowing, where a suspended process is given a new entry point into injected code; treat the child processes of the dropped EXE as suspect.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer. Modified builds usually rename the UPX0/UPX1 sections, so the absence of those names is not evidence that the file is unpacked.
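
How a "UPX packed file" verdict can be reproduced offline, as an added example that is not the sandbox's detection logic: it parses the PE section table directly, flags stock UPX section names, and also measures per-section entropy so that a renamed-section (modified UPX) build still stands out. The build_fake_pe helper constructs a minimal synthetic PE for testing and is not derived from this sample; the script name and thresholds are assumptions.

```python
import math
import struct
import sys


def pe_sections(data: bytes) -> list:
    """Parse the section table of a PE image held in memory.
    Returns a list of dicts with name, raw_ptr and raw_size; raises
    ValueError on malformed headers. Nothing is executed or mapped."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size             # IMAGE_SECTION_HEADER array
    sections = []
    for i in range(num_sections):
        off = table + i * 40
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        name, _vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, off)
        sections.append({
            "name": name.split(b"\0", 1)[0].decode("ascii", "replace"),
            "raw_ptr": raw_ptr,
            "raw_size": raw_size,
        })
    return sections


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: 0.0 for empty input, 8.0 for uniformly distributed bytes."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def upx_indicators(data: bytes, min_size: int = 256, threshold: float = 7.0) -> dict:
    """Two independent signals for a UPX-style packer:
    - stock UPX section names (UPX0/UPX1/UPX2), which a modified UPX build
      usually renames, so their absence proves nothing;
    - sections whose raw bytes have near-random entropy, which survives renaming."""
    sections = pe_sections(data)
    names = [s["name"] for s in sections]
    high = []
    for s in sections:
        raw = data[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]]
        if len(raw) >= min_size and shannon_entropy(raw) > threshold:
            high.append(s["name"])
    return {
        "sections": names,
        "upx_names": any(n.startswith("UPX") for n in names),
        "high_entropy_sections": high,
    }


def build_fake_pe(sections) -> bytes:
    """Constructed minimal PE for offline testing (no optional header, no
    code); not the sample from this report. `sections` is a list of
    (name, payload_bytes) pairs."""
    n = len(sections)
    header_len = 0x40 + 4 + 20 + 40 * n
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, n, 0, 0, 0, 0, 0x0102)
    table, body = b"", b""
    for name, payload in sections:
        raw_ptr = header_len + len(body)
        table += struct.pack("<8sIIII", name.encode("ascii").ljust(8, b"\0"),
                             len(payload), 0x1000, len(payload), raw_ptr)
        table += b"\0" * 16          # remaining header fields unused here
        body += payload
    return dos + coff + table + body


if __name__ == "__main__":
    if len(sys.argv) != 2:
        print("usage: upx_check.py <pe-file>", file=sys.stderr)
        sys.exit(2)
    with open(sys.argv[1], "rb") as fh:
        print(upx_indicators(fh.read()))
```

The entropy threshold of 7.0 bits per byte is a rule of thumb, not a proof of packing: compressed resources and embedded certificates also score high, so a high-entropy section is a prompt to unpack and look, not a verdict on its own.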

MITRE ATT&CK Enterprise v15