General

  • Target

    42e04761718d404b9047883eea462fec_JaffaCakes118

  • Size

    484KB

  • Sample

    241014-syqw2s1hrf

  • MD5

    42e04761718d404b9047883eea462fec

  • SHA1

    629ac62de852c38b15b58bcaaf907e93bef4c12b

  • SHA256

    d4c42973e687e27770a68a86437ffdd69c5ab61c10ea022bac058502edb1268c

  • SHA512

    13eeda657647abd37ec7bfda756e629d32f2fe1de218d1798de3cc0a4dfad807828926279901671d4e1fc5c935b370c70026f2cbdcc4811f435d81a7a312d584

  • SSDEEP

    12288:KWblYV/jSphJ0wn5szvYs9gkJ0Re+0CCf:KWblM7SrGwnKzvYeghRTCf

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks