730ba1ecdbc582e4c708bb40ba566e809968e46e752635010aa8a06bbf3fb039 | Triage

Sharing

General

Target

fc61e9f92e24e4d32e5b2b06dd62b31a_JaffaCakes118
Size

160KB
Sample

240420-ks5h9ach88
MD5

fc61e9f92e24e4d32e5b2b06dd62b31a
SHA1

a285f95da052c23fd8bf3e5228b6db896fe96807
SHA256

730ba1ecdbc582e4c708bb40ba566e809968e46e752635010aa8a06bbf3fb039
SHA512

c401ed116167f01910e05e2cb0fe08e5775d743a29ee122f69ecf0ae72f9ac2343861a16ddd069d518cac380e60a87dd1aaf5ce0f334df6f7420d3a2f214158f
SSDEEP

768:SVXL+uSmHRCfKy09p42hoJ0h4h2hQJVNjDkp57xXp5Rmg5Fh4hqhxOhDhzhnhvhB:SZqPfKyQ/Jh4h2hON6x5puwVT0h

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  fc61e9f92e24e4d32e5b2b06dd62b31a_JaffaCakes118
- Size
  
  160KB
- MD5
  
  fc61e9f92e24e4d32e5b2b06dd62b31a
- SHA1
  
  a285f95da052c23fd8bf3e5228b6db896fe96807
- SHA256
  
  730ba1ecdbc582e4c708bb40ba566e809968e46e752635010aa8a06bbf3fb039
- SHA512
  
  c401ed116167f01910e05e2cb0fe08e5775d743a29ee122f69ecf0ae72f9ac2343861a16ddd069d518cac380e60a87dd1aaf5ce0f334df6f7420d3a2f214158f
- SSDEEP
  
  768:SVXL+uSmHRCfKy09p42hoJ0h4h2hQJVNjDkp57xXp5Rmg5Fh4hqhxOhDhzhnhvhB:SZqPfKyQ/Jh4h2hON6x5puwVT0h
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2