General

  • Target

    398e503c02a81a306655a0616e6bb80b_JaffaCakes118

  • Size

    97KB

  • Sample

    241012-mm6kgawdlh

  • MD5

    398e503c02a81a306655a0616e6bb80b

  • SHA1

    f03e8e6a6e06bdbedbd06d5b5b6bce26584d903f

  • SHA256

    cf106da4e963a11ad222a79d1ee93bcb6b9335ac081a8fb0cf03ef26f694d93c

  • SHA512

    847585c953aaf8a1a5ad10074b34ab75a9f8e8ce2cec9cf097fdfc53fe5b457f9f5bb404b4b9ad81db61e0eb912bc7108cf50611a0a6b914fbd36f91d820cf3c

  • SSDEEP

    1536:vFOVOeEccdncvtROZffNjVMAczNeCt5cEbjZOGspfxwj6zJjc:vFc+c1kNF5czNDwEb9sRxwuzFc

Malware Config

Targets

    • Target

      398e503c02a81a306655a0616e6bb80b_JaffaCakes118

    • Size

      97KB

    • MD5

      398e503c02a81a306655a0616e6bb80b

    • SHA1

      f03e8e6a6e06bdbedbd06d5b5b6bce26584d903f

    • SHA256

      cf106da4e963a11ad222a79d1ee93bcb6b9335ac081a8fb0cf03ef26f694d93c

    • SHA512

      847585c953aaf8a1a5ad10074b34ab75a9f8e8ce2cec9cf097fdfc53fe5b457f9f5bb404b4b9ad81db61e0eb912bc7108cf50611a0a6b914fbd36f91d820cf3c

    • SSDEEP

      1536:vFOVOeEccdncvtROZffNjVMAczNeCt5cEbjZOGspfxwj6zJjc:vFc+c1kNF5czNDwEb9sRxwuzFc

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing (refusing to run, or changing behaviour, in certain regions).

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that Internet Explorer loads as plugins; they are registered by CLSID under the Browser Helper Objects key and run inside the browser process, which gives them access to page content and credentials.

    • UPX packed file

      Detects executables packed with the open-source UPX packer, or a modified variant of it whose section names or magic have been changed.
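The UPX signature above is a static check on the PE layout. The following is an added example of how such a check is typically built; it is not the sandbox's own rule and not code from this sample. It parses the PE section table, looks for the stock UPX section names and the `UPX!` marker, and falls back to two structural hints that survive a renamed (modified) UPX build: an empty first section with a large virtual size (where the stub unpacks the real image), and a high-entropy payload section. The three PE images it is run on are constructed inline with a minimal builder and are not loadable executables.

```python
import math
import random
import struct

# Section names written by stock UPX; a modified build usually renames these.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}
ENTROPY_THRESHOLD = 7.0  # compressed/encrypted data sits near 8 bits per byte


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte over the given buffer (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(pe: bytes):
    """Walk the PE section table. Returns [(name, raw_ptr, raw_size, virt_size), ...]."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ file")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", pe, coff + 2)
    (opt_size,) = struct.unpack_from("<H", pe, coff + 16)
    table = coff + 20 + opt_size
    sections = []
    for i in range(num_sections):
        off = table + i * 40
        name = pe[off:off + 8].rstrip(b"\0")
        vsize, _vaddr, rsize, rptr = struct.unpack_from("<IIII", pe, off + 8)
        sections.append((name, rptr, rsize, vsize))
    return sections


def upx_indicators(pe: bytes) -> dict:
    """Collect the individual hints; classify() turns them into a verdict."""
    secs = pe_sections(pe)
    return {
        "upx_section_names": [s[0] for s in secs if s[0] in UPX_SECTION_NAMES],
        "upx_marker": b"UPX!" in pe,
        # UPX0 is empty on disk but large in memory: the unpacked image lands there.
        "empty_first_section": bool(secs) and secs[0][2] == 0 and secs[0][3] > 0,
        "high_entropy_sections": [
            name for name, rptr, rsize, _ in secs
            if rsize and shannon_entropy(pe[rptr:rptr + rsize]) > ENTROPY_THRESHOLD
        ],
    }


def classify(pe: bytes) -> str:
    ind = upx_indicators(pe)
    if ind["upx_section_names"] or ind["upx_marker"]:
        return "upx"
    if ind["empty_first_section"] and ind["high_entropy_sections"]:
        return "possibly_modified_upx"
    return "unpacked"


def build_pe(sections) -> bytes:
    """Constructed, minimal PE for testing the parser: DOS header, COFF header, zeroed
    PE32 optional header, section table, raw section data. Not a loadable image."""
    opt_size = 224
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)
    table_end = 64 + 4 + 20 + opt_size + 40 * len(sections)
    table, body, rva = b"", b"", 0x1000
    for name, raw, vsize in sections:
        rptr = table_end + len(body) if raw else 0
        table += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", vsize, rva, len(raw), rptr, 0, 0, 0, 0, 0x60000020)
        body += raw
        rva += (max(vsize, len(raw)) + 0xFFF) & ~0xFFF
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table + body


# Constructed inputs: deterministic "compressed" bytes and a low-entropy code-like blob.
_rng = random.Random(1)
PACKED_BLOB = bytes(_rng.getrandbits(8) for _ in range(4096))
CODE_BLOB = b"\x55\x8b\xec\x83\xec\x10" * 300

SAMPLE_UPX = build_pe([(b"UPX0", b"", 0x20000), (b"UPX1", PACKED_BLOB, 0x2000),
                       (b".rsrc", b"\0" * 256, 0x1000)]) + b"UPX!" + b"\0" * 12
SAMPLE_MODIFIED = build_pe([(b".text", b"", 0x20000), (b".data", PACKED_BLOB, 0x2000),
                            (b".rsrc", b"\0" * 256, 0x1000)])
SAMPLE_CLEAN = build_pe([(b".text", CODE_BLOB, 0x1000), (b".data", b"\0" * 512, 0x1000)])

if __name__ == "__main__":
    for label, pe in (("upx", SAMPLE_UPX), ("modified", SAMPLE_MODIFIED), ("clean", SAMPLE_CLEAN)):
        print(label, classify(pe), upx_indicators(pe))
```

The entropy fallback is what catches a renamed build; on its own it also fires on legitimately compressed resources or encrypted overlays, so a verdict of `possibly_modified_upx` is a triage hint, not proof, and should be confirmed by unpacking (UPX's own `-d` still works on many modified builds once the section names and magic are restored).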

MITRE ATT&CK Enterprise v15

Tasks