Overview

overview

7

Static

static

3

29baa5a15a...18.exe

windows7-x64

7

29baa5a15a...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    29baa5a15ab0ef3df9a8337091a6af49_JaffaCakes118

  • Size

    110KB

  • Sample

    241009-dmqpksseqg

  • MD5

    29baa5a15ab0ef3df9a8337091a6af49

  • SHA1

    5a350903c2eafeba080a93fcaa7c4076efcbb081

  • SHA256

    ece39ffd362d54771251177033f4340c5a482f03fa48266404de9a5300994af5

  • SHA512

    d768ec27adcfafc3d64b6140c49adbab1234ced4a24923f9da5864c87730df771e056cb1b7b377b478fae2ce7b353ca45b81f822f6a273d9023065c4bf5de19a

  • SSDEEP

    3072:sZvuCErCoXkdbTLBAMrAEi9/axmQ8iJkrSAVjh2m:sZvuCYX6bmERmQ5JCS815

Score
7/10
discovery

Malware Config

Targets

    • Target

      29baa5a15ab0ef3df9a8337091a6af49_JaffaCakes118

    • Size

      110KB

    • MD5

      29baa5a15ab0ef3df9a8337091a6af49

    • SHA1

      5a350903c2eafeba080a93fcaa7c4076efcbb081

    • SHA256

      ece39ffd362d54771251177033f4340c5a482f03fa48266404de9a5300994af5

    • SHA512

      d768ec27adcfafc3d64b6140c49adbab1234ced4a24923f9da5864c87730df771e056cb1b7b377b478fae2ce7b353ca45b81f822f6a273d9023065c4bf5de19a

    • SSDEEP

      3072:sZvuCErCoXkdbTLBAMrAEi9/axmQ8iJkrSAVjh2m:sZvuCYX6bmERmQ5JCS815

    Score
    7/10
    discovery

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks