a306fd33e3df77861909c7c27ec90cfe90d11a47c768f448012882517cf7701a | Triage

Sharing

General

Target

66dc240f7587c18ef0f46c54024ae880_JaffaCakes118
Size

100KB
Sample

240723-kjnjdaxfpl
MD5

66dc240f7587c18ef0f46c54024ae880
SHA1

0adc4e63333d42aa369169a19d2b393fed00486f
SHA256

a306fd33e3df77861909c7c27ec90cfe90d11a47c768f448012882517cf7701a
SHA512

20baeb00aa485bc994e36e63f39853300e7ee5ecff562364a3807ee995500179bf28af52667ac6ead53614c80c9aa36ef52e60a8a495a369e0b6daef6f6bce6e
SSDEEP

1536:94tGb82NTzwMMGAc4ohrPXo+73Rez8b0SyKNIjnZrJ:Rw7urPX7CKCnlJ

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  66dc240f7587c18ef0f46c54024ae880_JaffaCakes118
- Size
  
  100KB
- MD5
  
  66dc240f7587c18ef0f46c54024ae880
- SHA1
  
  0adc4e63333d42aa369169a19d2b393fed00486f
- SHA256
  
  a306fd33e3df77861909c7c27ec90cfe90d11a47c768f448012882517cf7701a
- SHA512
  
  20baeb00aa485bc994e36e63f39853300e7ee5ecff562364a3807ee995500179bf28af52667ac6ead53614c80c9aa36ef52e60a8a495a369e0b6daef6f6bce6e
- SSDEEP
  
  1536:94tGb82NTzwMMGAc4ohrPXo+73Rez8b0SyKNIjnZrJ:Rw7urPX7CKCnlJ
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence