8b7aa5f3d1de7d975b99d8fcec533644e01d637e25149e87f861279d222c3d5c | Triage

Sharing

General

Target

1545681d79d3675f171282a55784ad27_JaffaCakes118
Size

164KB
Sample

240627-j2fe2szfqh
MD5

1545681d79d3675f171282a55784ad27
SHA1

fa49156ee12bcac729a66414c0ed4f82c0ec565c
SHA256

8b7aa5f3d1de7d975b99d8fcec533644e01d637e25149e87f861279d222c3d5c
SHA512

05695cf98caa7957fbdcfc13a5d9e94723176201690d91aec5ccc31b80dbf68fade0b0c77e5bc3c522610850737d136af9808a196e1f3fdf724bda3dcb37a63a
SSDEEP

1536:EsA4zZ11VM5jL1ddUrlBlrlrlklLWeEaSj0Zv+o:EsAwMnWeUjQ/

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  1545681d79d3675f171282a55784ad27_JaffaCakes118
- Size
  
  164KB
- MD5
  
  1545681d79d3675f171282a55784ad27
- SHA1
  
  fa49156ee12bcac729a66414c0ed4f82c0ec565c
- SHA256
  
  8b7aa5f3d1de7d975b99d8fcec533644e01d637e25149e87f861279d222c3d5c
- SHA512
  
  05695cf98caa7957fbdcfc13a5d9e94723176201690d91aec5ccc31b80dbf68fade0b0c77e5bc3c522610850737d136af9808a196e1f3fdf724bda3dcb37a63a
- SSDEEP
  
  1536:EsA4zZ11VM5jL1ddUrlBlrlrlklLWeEaSj0Zv+o:EsAwMnWeUjQ/
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence