General

  • Target

    9f14fd4f9657342f3df783a7a6bb0d2c_JaffaCakes118

  • Size

    60KB

  • Sample

    241126-b1wfwaxkf1

  • MD5

    9f14fd4f9657342f3df783a7a6bb0d2c

  • SHA1

    a2fbc7d2fb9f4bc5246d726303d0909fa3914400

  • SHA256

    e688bf3fa8b2cf79f44b6d70afd55edb6258750f50997d0f9b76e0af3ed824a6

  • SHA512

    0cce69582ffc0807b770404586708629d42ce805b3d7eb08d67f24cef8e077498e07486fef401f8f193bc38d679cab892fd463de0705900bc98b1706b3382ef8

  • SSDEEP

    768:xOSpAZko5ewReAS4sIsttee+0dGqWTvBfnuAuvyBPFpU1tD:xObZkzrlyeBGqW9fuDvestD

Malware Config

Targets

    • A potential corporate email address has been identified in the URL: [email protected]

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks