bb323ca75a3df746cf2e09e5f84fe651c7634ad2a2a426e0b98f07d2d8bba321 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65f05634450ed1ed15212b41509e09a7_JaffaCakes118
Size

124KB
Sample

240723-dw1wxavgkm
MD5

65f05634450ed1ed15212b41509e09a7
SHA1

b4fe28c710a303d20b17f435c145f4cccf52c150
SHA256

bb323ca75a3df746cf2e09e5f84fe651c7634ad2a2a426e0b98f07d2d8bba321
SHA512

cddcb519841139127268873dad108a4c8f3bb7f80d22d83d88547617ed5c2321a5128090d7ce987610f8de96f6c892a72860a71bc720406bce6f3bbaa59be459
SSDEEP

1536:nHEH4wR5uBxLDtVdHa27J14lWxporZ45i8NeG0h/l:HEH4wR5kLt6gJ1uPt45yt

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  65f05634450ed1ed15212b41509e09a7_JaffaCakes118
- Size
  
  124KB
- MD5
  
  65f05634450ed1ed15212b41509e09a7
- SHA1
  
  b4fe28c710a303d20b17f435c145f4cccf52c150
- SHA256
  
  bb323ca75a3df746cf2e09e5f84fe651c7634ad2a2a426e0b98f07d2d8bba321
- SHA512
  
  cddcb519841139127268873dad108a4c8f3bb7f80d22d83d88547617ed5c2321a5128090d7ce987610f8de96f6c892a72860a71bc720406bce6f3bbaa59be459
- SSDEEP
  
  1536:nHEH4wR5uBxLDtVdHa27J14lWxporZ45i8NeG0h/l:HEH4wR5kLt6gJ1uPt45yt
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence