General

  • Target

    3d4ba0a7f7e23161b146ffd83fe49305_JaffaCakes118

  • Size

    42KB

  • Sample

    241013-cykf9syepm

  • MD5

    3d4ba0a7f7e23161b146ffd83fe49305

  • SHA1

    15e4cac43018795438e4f794c7d5afef4ef6e1ce

  • SHA256

    06444063d5d7a82a65301a1f8f72270256e9f4a4a7e3b061cb5f853226d34802

  • SHA512

    fe33af04dfc277c94afa8d7d0a46879474c037640f19a8a7f69f0ab4a7794def9fa2308536aa51190894f13c73f301c1d6b68b9924816625a24cd9cb255cbf0f

  • SSDEEP

    768:X7UIfJioA+SnHrHiDCfLclQHbGknV3eHuFyQmY3DY2wQIasPJzcTbT8dV:rV0HrCDCfeQ713eHuFRzivasPJzwUdV

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks