7de91ccae4901174028dd74cec32da9020636306ab72b78c37b661d05d53559d | Triage

Sharing

General

Target

e9e8ff4be7e6974a1a9858bc9e346ac2_JaffaCakes118
Size

5.2MB
Sample

240409-nt8tvahc8z
MD5

e9e8ff4be7e6974a1a9858bc9e346ac2
SHA1

aaebc39377f52f8dcece1bf864b163b0d5619c62
SHA256

7de91ccae4901174028dd74cec32da9020636306ab72b78c37b661d05d53559d
SHA512

c13395829b862644431afd9f33f25efaf34771243ef578feb05bb48dca11a9114d007d2f2a37ad1e1c0fcfedee1c4534ed0856d1b5bc95170a2d0672f16c4fd3
SSDEEP

98304:m2sR1SpiLe+T8NB2FUPNhigHh9mUu+a8IGGgxCGEvx5bLa8A:Ryd6NBCUNhigHbju+0RgVErLA

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e9e8ff4be7e6974a1a9858bc9e346ac2_JaffaCakes118
- Size
  
  5.2MB
- MD5
  
  e9e8ff4be7e6974a1a9858bc9e346ac2
- SHA1
  
  aaebc39377f52f8dcece1bf864b163b0d5619c62
- SHA256
  
  7de91ccae4901174028dd74cec32da9020636306ab72b78c37b661d05d53559d
- SHA512
  
  c13395829b862644431afd9f33f25efaf34771243ef578feb05bb48dca11a9114d007d2f2a37ad1e1c0fcfedee1c4534ed0856d1b5bc95170a2d0672f16c4fd3
- SSDEEP
  
  98304:m2sR1SpiLe+T8NB2FUPNhigHh9mUu+a8IGGgxCGEvx5bLa8A:Ryd6NBCUNhigHbju+0RgVErLA
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2