cfcddaf3d3036ce6c7865df9dd4e35e9ffc3ad2c606c2924a2fbc8c2177348b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

418c0dcbb7226918d4d5872fb3d290f9_JaffaCakes118
Size

252KB
Sample

240713-nzlaqs1hja
MD5

418c0dcbb7226918d4d5872fb3d290f9
SHA1

7ad70c0f85bfb2b3e9dfe379705914631b1fa05c
SHA256

cfcddaf3d3036ce6c7865df9dd4e35e9ffc3ad2c606c2924a2fbc8c2177348b2
SHA512

d20cfe6b1fd055172fdaba239c242f728240c4127613de1e7e677d21dfcb4114858c20f621d93f25dff67e0b77b3125e9cf1197a1dabb85a701f2317c47408b7
SSDEEP

3072:grAc8x7LaqxWsNvZ0OgRqTAJcLGGO/xuiEyJeOOeGs5oxnkNzQKtjvz:grO8Cx/ZLA4PmG6dj

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  418c0dcbb7226918d4d5872fb3d290f9_JaffaCakes118
- Size
  
  252KB
- MD5
  
  418c0dcbb7226918d4d5872fb3d290f9
- SHA1
  
  7ad70c0f85bfb2b3e9dfe379705914631b1fa05c
- SHA256
  
  cfcddaf3d3036ce6c7865df9dd4e35e9ffc3ad2c606c2924a2fbc8c2177348b2
- SHA512
  
  d20cfe6b1fd055172fdaba239c242f728240c4127613de1e7e677d21dfcb4114858c20f621d93f25dff67e0b77b3125e9cf1197a1dabb85a701f2317c47408b7
- SSDEEP
  
  3072:grAc8x7LaqxWsNvZ0OgRqTAJcLGGO/xuiEyJeOOeGs5oxnkNzQKtjvz:grO8Cx/ZLA4PmG6dj
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence