General

  • Target

    JaffaCakes118_68a67ed1680a2243404265ddbb221270

  • Size

    88KB

  • Sample

    250102-2lqvys1qfr

  • MD5

    68a67ed1680a2243404265ddbb221270

  • SHA1

    ce43e1237af97f08fe499c145715072fe3758a94

  • SHA256

    3c71389d9d098326b1515403449252cc4613479c67c1c294cd0a13d7d6a405d1

  • SHA512

    c2a93615d9440bd51805141d6a21890ac756311da28d30468290f0869f8c17023699085f335de4755dc5b2cc977b7f69ccad4f405ab6f8a5a1af1ff1f91a5f86

  • SSDEEP

    1536:esrhFJekIsOnOCaRIj0oCudDF9DXQIdgikEH7m0:BlFJekX2jaRU0/IDFNQIdgrI

Malware Config

Targets

    • Brute Ratel C4

      A customized command and control framework for red teaming and adversary simulation.

    • Bruteratel family

    • Detect BruteRatel badger

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks