Overview

overview

8

Static

static

1

Run.bat

windows7-x64

1

Run.bat

windows10-2004-x64

7

Run.vbs

windows7-x64

1

Run.vbs

windows10-2004-x64

1

Run2.bat

windows7-x64

8

Run2.bat

windows10-2004-x64

8

Run2.vbs

windows7-x64

1

Run2.vbs

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    848c48726f1cd69ac916fc83d9747040_JaffaCakes118

  • Size

    949KB

  • Sample

    241101-wc6bdstbrh

  • MD5

    848c48726f1cd69ac916fc83d9747040

  • SHA1

    caf93e1203128eb06b50ee1e861f5120f85b3765

  • SHA256

    d9559614826907ec7f192da25c725dd587b1625c0cc9dc9460e58f7a4951ce25

  • SHA512

    48f01eaa887ee4bad6131768f77794f1ce8c2a2dcbf640655ed33d21efb2b5f45db1d23f5e7f742cb0b1f48a7949c71a6fd4f2a55ab357c53ff2571aa8b3252d

  • SSDEEP

    24576:AxlwdeWHFGT73hRBE9oYYWVfA6LT4yIe1EL1c06p:FjlGf31E9hVKgbZ

Score
8/10
discoveryevasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      Run.bat

    • Size

      34B

    • MD5

      1d936b36dab19856994eab5eca53c272

    • SHA1

      62224416973c0e6908a0b7a5d21c29d8e59348df

    • SHA256

      c2cd4710d39ba3453b9ce50dcdca7cdf446f4b9d71360a72bc7d033971b04e68

    • SHA512

      4df5fd73ba6ef6b62217306c67ac37a62d6c7f2c4bec733d16b1b491a953d112ca6b6e6e7be421f0486740b9e4d05953f6fd487e080568b05a206ebe764fe59c

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      Run.vbs

    • Size

      1KB

    • MD5

      c7e8142fee81396e50f3aced584377ae

    • SHA1

      18c7e5e3c715565f151fb14779fbc4b4c255a328

    • SHA256

      35a77cf612470ac33f86c2e3114eb137e9d625a9f91693606232ce8aaaecf9c5

    • SHA512

      0d78bf22674af1b55e14ee62f035c62ed5cb512e93cef702e8a1641421e8b9be72ba1fb6daff375bfb13bb3fa2ede87f15c3f69d89cb41ba41b4c441228a22ad

    Score
    1/10
    behavioral3behavioral4

    • Target

      Run2.bat

    • Size

      17KB

    • MD5

      dc69687d3cfbd87f2dab0eafcf050f07

    • SHA1

      f674ab10c91fe7b296f7a2b5bd180e295b1d7aa5

    • SHA256

      9148859cf256454ce12122f65aaf5be2c188719e7648c77c0ba4d1acd80277db

    • SHA512

      7011dd7c2568242207322e13dad1b5b4e0b18f34443023647e303151c901cbd1d82abcafe9948f60a2c5a7842b024b10a17b7095c44d301ebef8171d3668657a

    • SSDEEP

      384:6dVGq62ok5so3ggXMiW5JePUd0s7r/0I1JNvwNveNvwNvf:6dZKk5so3ggXMiW84R0Ka0ax

    Score
    8/10
    discoveryevasionpersistenceprivilege_escalation

    • Modifies Windows Firewall

      evasion

    • Network Share Discovery

      Attempt to gather information on host network.

      discovery
    behavioral5behavioral6

    • Target

      Run2.vbs

    • Size

      1KB

    • MD5

      db26977047ffd034f3ca4f8c68f93ebd

    • SHA1

      b1bdca1c013def239f00abcb2737ff465924c8d9

    • SHA256

      5e0b6da3f0028ac24fdcc06f74bdb937fc711b917207411297d7e501d6f238b0

    • SHA512

      62c49a4b4b5837e3330c67c7dca1391858f46aed6df2f8d2dd7c7bc10c6c2d91e74b08d550d6afba2a201d1852907db94ab3da2601e957aea369d10d6b6bdf21

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Enterprise v15

Tasks