3363a608271f005b2d0319217a28c2c4f3c69d2da604b78ba3790154c26690b9 | Triage

Sharing

General

Target

445cc1b04da413eccabdb54c94c5373d_JaffaCakes118
Size

659KB
Sample

240714-fdr76azbma
MD5

445cc1b04da413eccabdb54c94c5373d
SHA1

5a2bf479c91c41766df99758e63de6b46e1c1a26
SHA256

3363a608271f005b2d0319217a28c2c4f3c69d2da604b78ba3790154c26690b9
SHA512

51c8b445f3cc96e36f307e5fd1babe7581720237aa767701da8a70ed118dbf58c7f523625fd3e7a81ecab25dfbda1f20fec4a388961cf711d75c70bdd3820322
SSDEEP

12288:UoXxzKd/nkGxfbONF1M1ei4vf9EMhsdLG73VGmU4evF3MXUKf7:UKZQ/kGxfbONF84vVEesd63VTc3MX

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  445cc1b04da413eccabdb54c94c5373d_JaffaCakes118
- Size
  
  659KB
- MD5
  
  445cc1b04da413eccabdb54c94c5373d
- SHA1
  
  5a2bf479c91c41766df99758e63de6b46e1c1a26
- SHA256
  
  3363a608271f005b2d0319217a28c2c4f3c69d2da604b78ba3790154c26690b9
- SHA512
  
  51c8b445f3cc96e36f307e5fd1babe7581720237aa767701da8a70ed118dbf58c7f523625fd3e7a81ecab25dfbda1f20fec4a388961cf711d75c70bdd3820322
- SSDEEP
  
  12288:UoXxzKd/nkGxfbONF1M1ei4vf9EMhsdLG73VGmU4evF3MXUKf7:UKZQ/kGxfbONF84vVEesd63VTc3MX
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2