74e080f0f98e8c250774bb30d4978ac50188502895d420c022fd03f53f29f88a | Triage

Sharing

General

Target

27dd7cd599665b1e3ea406fad3518bb7_JaffaCakes118
Size

148KB
Sample

240706-j56fmssbjl
MD5

27dd7cd599665b1e3ea406fad3518bb7
SHA1

28e8aee41272c171b45abecebbe93fca67c24fce
SHA256

74e080f0f98e8c250774bb30d4978ac50188502895d420c022fd03f53f29f88a
SHA512

19a512367fc935518e757ed3501e95c82fac7a715da9961c66201088785970135a75f3cd6ebcf4bae57faa8d0f6d9b2905aa11a5ee07d9feb186e3bb056daa1f
SSDEEP

3072:gG5BVnzPVigj6G7gW1lktdViKPkKE9qKIu5pE5j4oQjQ:bBVz9Fj7b1eyvXIvdgQ

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  27dd7cd599665b1e3ea406fad3518bb7_JaffaCakes118
- Size
  
  148KB
- MD5
  
  27dd7cd599665b1e3ea406fad3518bb7
- SHA1
  
  28e8aee41272c171b45abecebbe93fca67c24fce
- SHA256
  
  74e080f0f98e8c250774bb30d4978ac50188502895d420c022fd03f53f29f88a
- SHA512
  
  19a512367fc935518e757ed3501e95c82fac7a715da9961c66201088785970135a75f3cd6ebcf4bae57faa8d0f6d9b2905aa11a5ee07d9feb186e3bb056daa1f
- SSDEEP
  
  3072:gG5BVnzPVigj6G7gW1lktdViKPkKE9qKIu5pE5j4oQjQ:bBVz9Fj7b1eyvXIvdgQ
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence