aaa7ed4aa406e72c093f73fabda35bbc6a5e56fbed0f2bfb5decff7eedf38c0f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4501968ad58750bb56eab679be9b4f7c_JaffaCakes118
Size

18KB
Sample

240714-j4qzkavfqa
MD5

4501968ad58750bb56eab679be9b4f7c
SHA1

4d3cae112a0ffa40b401450f31ecd16ebac491e1
SHA256

aaa7ed4aa406e72c093f73fabda35bbc6a5e56fbed0f2bfb5decff7eedf38c0f
SHA512

a7449b3a45e9645c0a56d32bf13f570a0574c1f0f92b6ebf6ef799cce7762cf1868487d171c163837f8c5de926769e0578bf28a07ae05a043697d7b38faadb1d
SSDEEP

384:0Fc92/j14DgqtZXeBg+lOlw4ZREoxHQPDXnEFft:IcKaDLOeQPYht

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4501968ad58750bb56eab679be9b4f7c_JaffaCakes118
- Size
  
  18KB
- MD5
  
  4501968ad58750bb56eab679be9b4f7c
- SHA1
  
  4d3cae112a0ffa40b401450f31ecd16ebac491e1
- SHA256
  
  aaa7ed4aa406e72c093f73fabda35bbc6a5e56fbed0f2bfb5decff7eedf38c0f
- SHA512
  
  a7449b3a45e9645c0a56d32bf13f570a0574c1f0f92b6ebf6ef799cce7762cf1868487d171c163837f8c5de926769e0578bf28a07ae05a043697d7b38faadb1d
- SSDEEP
  
  384:0Fc92/j14DgqtZXeBg+lOlw4ZREoxHQPDXnEFft:IcKaDLOeQPYht
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2