General

  • Target

    4495c390ae1ec8912a0367268c3ff042_JaffaCakes118

  • Size

    61KB

  • Sample

    241014-2wlzravbqk

  • MD5

    4495c390ae1ec8912a0367268c3ff042

  • SHA1

    68fb489b8fe0374f6d8db4017d37bb15983c29fb

  • SHA256

    6dad314ffe61ad1cefb3e24cdf51dd54f9798d4ff27c2f4fcf5223bf1950b83d

  • SHA512

    2059ad0928eb9a51adacf8fd9a4194546e1e602456cfdd23c61384cb394ae8ca0f5ae193c29c9d65cd180735aee5b5ab0ecc8512e6603d1abd57569d149ded8f

  • SSDEEP

    1536:wPiVWnN2lvZCDVR7TXzLeIa9HmDgYnfLu:uX7DbmH0g7

Score
7/10

Malware Config

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks