4d368f0772bcb89e211c92c70d29f3540afbefb0cb7567b69bde99d190f67a10 | Triage

Sharing

General

Target

27368a062dfb5115722356e9c178f40c_JaffaCakes118
Size

42KB
Sample

240705-3vz1nazakq
MD5

27368a062dfb5115722356e9c178f40c
SHA1

7abfd2b0ef2ec15197d0c2bd466bcc8bdd07ac94
SHA256

4d368f0772bcb89e211c92c70d29f3540afbefb0cb7567b69bde99d190f67a10
SHA512

26b287117a2852be39936552ef540704530451455e2ed097e1a752fd0d6e16243645ed19c2ad209a2ac5f182cec6777ac28f2e2ee935e3d2a437bd02e9541680
SSDEEP

768:kjGwQhoBl3KGryrtHR+SafO68PjCf7QM+NKgwjkwkwhT:kjG4KUgxbqe6QJwjksZ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  27368a062dfb5115722356e9c178f40c_JaffaCakes118
- Size
  
  42KB
- MD5
  
  27368a062dfb5115722356e9c178f40c
- SHA1
  
  7abfd2b0ef2ec15197d0c2bd466bcc8bdd07ac94
- SHA256
  
  4d368f0772bcb89e211c92c70d29f3540afbefb0cb7567b69bde99d190f67a10
- SHA512
  
  26b287117a2852be39936552ef540704530451455e2ed097e1a752fd0d6e16243645ed19c2ad209a2ac5f182cec6777ac28f2e2ee935e3d2a437bd02e9541680
- SSDEEP
  
  768:kjGwQhoBl3KGryrtHR+SafO68PjCf7QM+NKgwjkwkwhT:kjG4KUgxbqe6QJwjksZ
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2