Overview

overview

8

Static

static

3

3fe87c7d77...18.exe

windows7-x64

8

3fe87c7d77...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    3fe87c7d77ca03fb13f1e2b77d7d8164_JaffaCakes118

  • Size

    205KB

  • Sample

    241013-pwn3wsxajh

  • MD5

    3fe87c7d77ca03fb13f1e2b77d7d8164

  • SHA1

    3a8fdf3fbc0585013735bbb550f0af967171a954

  • SHA256

    c6e89dd7b0daf41c52421c46aae6e4f7bb406631a27a1b81af82c2f63aeb4f58

  • SHA512

    3fec121c2199c39570104d2616810fe7e07e3e8cf3bb1b79795c9dcefad6a6d791058cd4c29985dda1d27e452114e0c6604a3aee55eb2d195fa65b49056ae95b

  • SSDEEP

    3072:VBAp5XhKpN4eOyVTGfhEClj8jTk+0h4Tc0OgYr1m2Y9/b2JuAejzio0ylX:wbXE9OiTGfhEClq9JO/m2YPAejGo08X

Score
8/10
discovery

Malware Config

Targets

    • Target

      3fe87c7d77ca03fb13f1e2b77d7d8164_JaffaCakes118

    • Size

      205KB

    • MD5

      3fe87c7d77ca03fb13f1e2b77d7d8164

    • SHA1

      3a8fdf3fbc0585013735bbb550f0af967171a954

    • SHA256

      c6e89dd7b0daf41c52421c46aae6e4f7bb406631a27a1b81af82c2f63aeb4f58

    • SHA512

      3fec121c2199c39570104d2616810fe7e07e3e8cf3bb1b79795c9dcefad6a6d791058cd4c29985dda1d27e452114e0c6604a3aee55eb2d195fa65b49056ae95b

    • SSDEEP

      3072:VBAp5XhKpN4eOyVTGfhEClj8jTk+0h4Tc0OgYr1m2Y9/b2JuAejzio0ylX:wbXE9OiTGfhEClq9JO/m2YPAejGo08X

    Score
    8/10
    discovery

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks