8dc78feef0cb0f76d179ddb6ab0eb9ed8f9267df4c0d6d0ea74dc27fc2ccf821 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49808f66424aec571b9d5025f36409dd_JaffaCakes118
Size

47KB
Sample

240715-m55qwswckf
MD5

49808f66424aec571b9d5025f36409dd
SHA1

38db0a611bd7d7d8aceb116fbca88768e15551d7
SHA256

8dc78feef0cb0f76d179ddb6ab0eb9ed8f9267df4c0d6d0ea74dc27fc2ccf821
SHA512

da67632a16ca5354dcc4e63c8884109513a4e4d6b4b7d57e376443ed5a93fa574226c80a5738f76b4884a88cf822bfa74433e0fbea9dc3833ddf9a5ad687a099
SSDEEP

768:8pidxpIFuQtz1c5x7TGkB+7OjHb2Fgegps5TEAnrQsN:YidxpQRzm55Zl72T8s5ZQA

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  49808f66424aec571b9d5025f36409dd_JaffaCakes118
- Size
  
  47KB
- MD5
  
  49808f66424aec571b9d5025f36409dd
- SHA1
  
  38db0a611bd7d7d8aceb116fbca88768e15551d7
- SHA256
  
  8dc78feef0cb0f76d179ddb6ab0eb9ed8f9267df4c0d6d0ea74dc27fc2ccf821
- SHA512
  
  da67632a16ca5354dcc4e63c8884109513a4e4d6b4b7d57e376443ed5a93fa574226c80a5738f76b4884a88cf822bfa74433e0fbea9dc3833ddf9a5ad687a099
- SSDEEP
  
  768:8pidxpIFuQtz1c5x7TGkB+7OjHb2Fgegps5TEAnrQsN:YidxpQRzm55Zl72T8s5ZQA
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2