33bd9f86ffb155a587e1e4d7907a6e19001f23de02c3bdf4a3c8fcfaa37b876b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27eb581de1531d88ffefa86541a73bd5_JaffaCakes118
Size

949KB
Sample

240706-khfgdaveqf
MD5

27eb581de1531d88ffefa86541a73bd5
SHA1

72e05e95556badec9cc2ca41134adc07625c1dd6
SHA256

33bd9f86ffb155a587e1e4d7907a6e19001f23de02c3bdf4a3c8fcfaa37b876b
SHA512

9762ab23615c1d6f4bf40fbc25ef04940755e0903d8334203e865a0fc0aed8a2df95c93c7b097d3b0368b2538e74b80a9c440ef9f0214c46108d5b0e32891a46
SSDEEP

12288:F/Y/iWpACmkfqnysW7ti/Pjwthpu940QEusQOF1g/olKXpbJODVG5rdiU1f2W4Nm:Flc/puA5rgUN2l9/nY8

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  27eb581de1531d88ffefa86541a73bd5_JaffaCakes118
- Size
  
  949KB
- MD5
  
  27eb581de1531d88ffefa86541a73bd5
- SHA1
  
  72e05e95556badec9cc2ca41134adc07625c1dd6
- SHA256
  
  33bd9f86ffb155a587e1e4d7907a6e19001f23de02c3bdf4a3c8fcfaa37b876b
- SHA512
  
  9762ab23615c1d6f4bf40fbc25ef04940755e0903d8334203e865a0fc0aed8a2df95c93c7b097d3b0368b2538e74b80a9c440ef9f0214c46108d5b0e32891a46
- SSDEEP
  
  12288:F/Y/iWpACmkfqnysW7ti/Pjwthpu940QEusQOF1g/olKXpbJODVG5rdiU1f2W4Nm:Flc/puA5rgUN2l9/nY8
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2