Resubmissions

18-10-2024 13:44

241018-q1r6sazdkb 7

18-10-2024 13:29

241018-qrhkzs1hrn 10

General

  • Target

    57b2a1db98a792e2498b6ba5344deb90_JaffaCakes118

  • Size

    344KB

  • Sample

    241018-q1r6sazdkb

  • MD5

    57b2a1db98a792e2498b6ba5344deb90

  • SHA1

    b8a75d237c860f0128eae5adeb7e76f41233fc36

  • SHA256

    6950d9f5794147161a7628aedcea38671ee33148580e015cf973f6a86c158d15

  • SHA512

    36ebdbc0b27025e9bcc0edbe0cb9b40f2f4f4bbc1582d8e94e42d399a474d45227789d158b7d991fd04424188429fbc00fcf9db06922e3e8abf1506c4aa6d729

  • SSDEEP

    6144:FqvsZf39vcCN1RHCfsIltPv6qn0/+sK+x20Im5iTxSO+xUJ:FqIv/wTPv6Q0GwFPxU

Malware Config

Targets

    • Target

      57b2a1db98a792e2498b6ba5344deb90_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks