08359d8a6de5359fd029c1854b975a0235f11bab09a1875a5d419b4167176cb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fb92e34243dd08ef7bf4114f6b22668_JaffaCakes118
Size

232KB
Sample

240720-j7mfjstfnq
MD5

5fb92e34243dd08ef7bf4114f6b22668
SHA1

4411e93cb5a08a38ec67826b49ab76e4fc4f99de
SHA256

08359d8a6de5359fd029c1854b975a0235f11bab09a1875a5d419b4167176cb5
SHA512

6fd829b82891e48c495bcd2410cd2b50d1feb37146d1a202dfe43f32964abd6183cb74299a6eed98e8a5a4678ed208e4ed907a809401800088b2fc6a87c035e5
SSDEEP

6144:g93PFKs7STL6eEqxF6snji81RUinKn3Kt+dNFcS0:SPhPDFcB

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  5fb92e34243dd08ef7bf4114f6b22668_JaffaCakes118
- Size
  
  232KB
- MD5
  
  5fb92e34243dd08ef7bf4114f6b22668
- SHA1
  
  4411e93cb5a08a38ec67826b49ab76e4fc4f99de
- SHA256
  
  08359d8a6de5359fd029c1854b975a0235f11bab09a1875a5d419b4167176cb5
- SHA512
  
  6fd829b82891e48c495bcd2410cd2b50d1feb37146d1a202dfe43f32964abd6183cb74299a6eed98e8a5a4678ed208e4ed907a809401800088b2fc6a87c035e5
- SSDEEP
  
  6144:g93PFKs7STL6eEqxF6snji81RUinKn3Kt+dNFcS0:SPhPDFcB
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence