fdb8f959a57aa87886dbcfd87ce1f596cb119441e98152ea69b82ec8aabfa1bc | Triage

Sharing

General

Target

fb366ad8b7645047b8ea32cf599e921b_JaffaCakes118
Size

51KB
Sample

240419-1ezzlsgh7z
MD5

fb366ad8b7645047b8ea32cf599e921b
SHA1

e4a2d94dc2cde227dcf20d0dad80aa0cd75d5c5b
SHA256

fdb8f959a57aa87886dbcfd87ce1f596cb119441e98152ea69b82ec8aabfa1bc
SHA512

33cecdd121b721376f0023fcf22be543fca5240d3d520da855cd04b29e31f725ca87bbcf1cd8f0f429bf534e1af4bca9596655c45c5a11d60bfdf3480e24d9a2
SSDEEP

1536:+xCQwz7AjVVZ4XO61sUUL7Fxo+atdoF9V2nulF:cgAj2XO6uUykPtdoFunulF

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  fb366ad8b7645047b8ea32cf599e921b_JaffaCakes118
- Size
  
  51KB
- MD5
  
  fb366ad8b7645047b8ea32cf599e921b
- SHA1
  
  e4a2d94dc2cde227dcf20d0dad80aa0cd75d5c5b
- SHA256
  
  fdb8f959a57aa87886dbcfd87ce1f596cb119441e98152ea69b82ec8aabfa1bc
- SHA512
  
  33cecdd121b721376f0023fcf22be543fca5240d3d520da855cd04b29e31f725ca87bbcf1cd8f0f429bf534e1af4bca9596655c45c5a11d60bfdf3480e24d9a2
- SSDEEP
  
  1536:+xCQwz7AjVVZ4XO61sUUL7Fxo+atdoF9V2nulF:cgAj2XO6uUykPtdoFunulF
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2