01700892d2f3e30fff0f92bb168864e926c7f9dfb22eae4bd325ac371838a5e4 | Triage

Sharing

General

Target

f75764d7b83f4935465542fdae8a5923_JaffaCakes118
Size

148KB
Sample

240418-fy3vdscb68
MD5

f75764d7b83f4935465542fdae8a5923
SHA1

ab16f5a2798255bf5ce9f23531fc320a7c324130
SHA256

01700892d2f3e30fff0f92bb168864e926c7f9dfb22eae4bd325ac371838a5e4
SHA512

eb933181df22b30ff2c02d2251093a4c6df35e237e4c6d904c4c8bad43d4d944a27114999686a0c16d57290359ce49395553f744a011b025db53a539e3f7217b
SSDEEP

3072:DiFqQh4mRpDGq7At/yRWr2wA36nbMUq8hFOdhI/2E5j4oQu:uFFh96F90Wf7nJPwdud

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  f75764d7b83f4935465542fdae8a5923_JaffaCakes118
- Size
  
  148KB
- MD5
  
  f75764d7b83f4935465542fdae8a5923
- SHA1
  
  ab16f5a2798255bf5ce9f23531fc320a7c324130
- SHA256
  
  01700892d2f3e30fff0f92bb168864e926c7f9dfb22eae4bd325ac371838a5e4
- SHA512
  
  eb933181df22b30ff2c02d2251093a4c6df35e237e4c6d904c4c8bad43d4d944a27114999686a0c16d57290359ce49395553f744a011b025db53a539e3f7217b
- SSDEEP
  
  3072:DiFqQh4mRpDGq7At/yRWr2wA36nbMUq8hFOdhI/2E5j4oQu:uFFh96F90Wf7nJPwdud
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence