56db075b65dc96792f10a77495f010d71a6a36246f3a59c2dfa7ed9d57deb691 | Triage

Sharing

General

Target

3f129842535777b2f228750abcad46e9_JaffaCakes118
Size

74KB
Sample

240712-13xjdsvcqd
MD5

3f129842535777b2f228750abcad46e9
SHA1

d8afdc286650c25a483b247203499c9ad7ef3cb6
SHA256

56db075b65dc96792f10a77495f010d71a6a36246f3a59c2dfa7ed9d57deb691
SHA512

0fb6dcf7d995126e3528a99704d7746259ec6f322f1a7cc9a0bd474e7bc1a70bd41e1c4aa0ea61ffa3a2c21811a83a04c5d3573c03248828eeaa92362838f206
SSDEEP

1536:K65EzrP9KX5NkZxm6eZ1w6GD5x2EUbMOtARrIv3glzCneI+:KWH6Sk5x23TPfgVp

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3f129842535777b2f228750abcad46e9_JaffaCakes118
- Size
  
  74KB
- MD5
  
  3f129842535777b2f228750abcad46e9
- SHA1
  
  d8afdc286650c25a483b247203499c9ad7ef3cb6
- SHA256
  
  56db075b65dc96792f10a77495f010d71a6a36246f3a59c2dfa7ed9d57deb691
- SHA512
  
  0fb6dcf7d995126e3528a99704d7746259ec6f322f1a7cc9a0bd474e7bc1a70bd41e1c4aa0ea61ffa3a2c21811a83a04c5d3573c03248828eeaa92362838f206
- SSDEEP
  
  1536:K65EzrP9KX5NkZxm6eZ1w6GD5x2EUbMOtARrIv3glzCneI+:KWH6Sk5x23TPfgVp
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2