cc1374988d0643bf146b3553c6f2879417a3683c000095e4df5bc839af1192f7 | Triage

Sharing

General

Target

6029ffbf6490fa90fe5ec529c5c178e3_JaffaCakes118
Size

47KB
Sample

240720-ms1leaycjq
MD5

6029ffbf6490fa90fe5ec529c5c178e3
SHA1

9a77d2f18670607ba99c0b8d68a552bb4b75857b
SHA256

cc1374988d0643bf146b3553c6f2879417a3683c000095e4df5bc839af1192f7
SHA512

b7d63d5cd189b3654f535595cd7473de55664669736b404554c62171f1daa85082954db1f873da4dbd77d74f0d77717fe9a522d6a19b26280361df71d3664f89
SSDEEP

768:iAHYjqn/Ch3fRtQVE1oLG9EIK1aDD0yz9PkMpEIifI4IXyuQNTPkn:50hJyVE1t9ytg9PmpmyuQNT

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6029ffbf6490fa90fe5ec529c5c178e3_JaffaCakes118
- Size
  
  47KB
- MD5
  
  6029ffbf6490fa90fe5ec529c5c178e3
- SHA1
  
  9a77d2f18670607ba99c0b8d68a552bb4b75857b
- SHA256
  
  cc1374988d0643bf146b3553c6f2879417a3683c000095e4df5bc839af1192f7
- SHA512
  
  b7d63d5cd189b3654f535595cd7473de55664669736b404554c62171f1daa85082954db1f873da4dbd77d74f0d77717fe9a522d6a19b26280361df71d3664f89
- SSDEEP
  
  768:iAHYjqn/Ch3fRtQVE1oLG9EIK1aDD0yz9PkMpEIifI4IXyuQNTPkn:50hJyVE1t9ytg9PmpmyuQNT
Score

8^/10

persistence
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2