1fceac75dcaf47add663cf2abab5d1728e8bb2f65c7f4c6d6e8d0f06af806060 | Triage

Sharing

General

Target

616e6aef2b15486c5fd5687cffb33a4b_JaffaCakes118
Size

1.0MB
Sample

240521-amck6sca95
MD5

616e6aef2b15486c5fd5687cffb33a4b
SHA1

06019d89f54e7d2467bec9da751a42966afa2fc4
SHA256

1fceac75dcaf47add663cf2abab5d1728e8bb2f65c7f4c6d6e8d0f06af806060
SHA512

497c2319756019087664a2bc4aba6d16361b6e1c3f951f674c9c956c424a31c4730d5b323c9f948e356277f2b756eaff76074652dee341010709697fc75e21f9
SSDEEP

24576:F4LGjPcLPYmx3P8ahAjr2B51J7YvE5XAP55Q2NrGQ:uLqULxf5+r2PEE9APznNJ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2343220820185117653724284721341YRWYRRRET56556U P1DF.exe
- Size
  
  1.6MB
- MD5
  
  c199e8c1d6d78839bbe8c246fe1189fa
- SHA1
  
  2751846150be33e07814bffbb93f17cd75976067
- SHA256
  
  c98348acfaf93dc66a8b44cd00303670222fcdf59ad3eb1d3ab5ad1d3b1ef92a
- SHA512
  
  67ee203a202e1db3068a22839cf7f8ff1c932fb706a9baae6ce252d10fbe0e600647703ccbfe25b08710b14c96203f2d52f57e2310926ca96b8ef31fbbd307e9
- SSDEEP
  
  24576:CoI3PGDYjSaOdiSFQY8ncjr5yKg7VwmhXtqh2wQK:+pjaiao4XghZhPwQ
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2