da9e19b02a4433a674f820e190fb975dadd91ba61017adcc0a5155e1b77f044c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f444944736788b8ba8693436fb92cf29_JaffaCakes118
Size

64KB
Sample

240416-zapseadd9y
MD5

f444944736788b8ba8693436fb92cf29
SHA1

f7b3b42cff8843c04fc0a2f2bbf1c3e2de472986
SHA256

da9e19b02a4433a674f820e190fb975dadd91ba61017adcc0a5155e1b77f044c
SHA512

54ff4b96b5695cf76fe481ec4fa1a6e5b635a78d14a24850cc44b3e03fa9cee005c0594dd3ccb4cf27e62dffc6f14e21df412e3efe38d059dc1b1cf9533885db
SSDEEP

768:WafQmHy4ck3vGSxt7j7g1E9wWEWJJd3G5U3s4xQMm37L3EVgfRO+ozTl:smSoT5ftwWTGm3O33/IJ1

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f444944736788b8ba8693436fb92cf29_JaffaCakes118
- Size
  
  64KB
- MD5
  
  f444944736788b8ba8693436fb92cf29
- SHA1
  
  f7b3b42cff8843c04fc0a2f2bbf1c3e2de472986
- SHA256
  
  da9e19b02a4433a674f820e190fb975dadd91ba61017adcc0a5155e1b77f044c
- SHA512
  
  54ff4b96b5695cf76fe481ec4fa1a6e5b635a78d14a24850cc44b3e03fa9cee005c0594dd3ccb4cf27e62dffc6f14e21df412e3efe38d059dc1b1cf9533885db
- SSDEEP
  
  768:WafQmHy4ck3vGSxt7j7g1E9wWEWJJd3G5U3s4xQMm37L3EVgfRO+ozTl:smSoT5ftwWTGm3O33/IJ1
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2