02e09786ef0bc6c74a08345b435484b3982b99e706018e22034adba0710d8369 | Triage

Sharing

General

Target

688f4ebda009f173216178ceb262b5ab_JaffaCakes118
Size

36KB
Sample

240723-v7elgsthnb
MD5

688f4ebda009f173216178ceb262b5ab
SHA1

27c69b9d2daaa052e235f8b88c74cae8cf27bfa7
SHA256

02e09786ef0bc6c74a08345b435484b3982b99e706018e22034adba0710d8369
SHA512

67a262a310a317594bc487b9ce82242e2ce229882f731f0ec9a2197198591c1273c3ddd612b5644ab23cf26f075338f276a283fac8ac10045ffe5cf5adec9da9
SSDEEP

768:KfZd8dJN5kXcyXrCD1tDMByGqnxGm3+2VW:KQdEcyXrC/GsnsIVW

Score

8^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  688f4ebda009f173216178ceb262b5ab_JaffaCakes118
- Size
  
  36KB
- MD5
  
  688f4ebda009f173216178ceb262b5ab
- SHA1
  
  27c69b9d2daaa052e235f8b88c74cae8cf27bfa7
- SHA256
  
  02e09786ef0bc6c74a08345b435484b3982b99e706018e22034adba0710d8369
- SHA512
  
  67a262a310a317594bc487b9ce82242e2ce229882f731f0ec9a2197198591c1273c3ddd612b5644ab23cf26f075338f276a283fac8ac10045ffe5cf5adec9da9
- SSDEEP
  
  768:KfZd8dJN5kXcyXrCD1tDMByGqnxGm3+2VW:KQdEcyXrC/GsnsIVW
Score

8^/10

discovery persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation