4be976fc6a7aa0b707546a1e859fdb3da7de82f23ed805d980d22ae9bbc42697 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

6a4add9a4f...18.exe

windows7-x64

8

6a4add9a4f...18.exe

windows10-2004-x64

8

Sharing

General

Target

6a4add9a4f25b3693f2395ccc866e6dd_JaffaCakes118
Size

115KB
Sample

240724-fee9zssaqh
MD5

6a4add9a4f25b3693f2395ccc866e6dd
SHA1

8d0f6f8e3d4850ffc2156ad18a347282ca1c0915
SHA256

4be976fc6a7aa0b707546a1e859fdb3da7de82f23ed805d980d22ae9bbc42697
SHA512

8fe35d56f6cc2abb1e741e077490ca8ee605b9d50037f5a7c702c38ef9a72f4db98aeac613a6a5725320cb9b21f95770e4760d0a921ff45455e30257b42e8a7e
SSDEEP

3072:a49WjvJgLYkrO5JBsFaOLfLc2P67LSBnDx7FX8LwJM:aekvJCYuO9SaOLTcZLc975tM

Score

8^/10

discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6a4add9a4f25b3693f2395ccc866e6dd_JaffaCakes118.exe

Resource

win7-20240705-en

discovery persistence

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

6a4add9a4f25b3693f2395ccc866e6dd_JaffaCakes118.exe

Resource

win10v2004-20240709-en

discovery persistence

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  6a4add9a4f25b3693f2395ccc866e6dd_JaffaCakes118
- Size
  
  115KB
- MD5
  
  6a4add9a4f25b3693f2395ccc866e6dd
- SHA1
  
  8d0f6f8e3d4850ffc2156ad18a347282ca1c0915
- SHA256
  
  4be976fc6a7aa0b707546a1e859fdb3da7de82f23ed805d980d22ae9bbc42697
- SHA512
  
  8fe35d56f6cc2abb1e741e077490ca8ee605b9d50037f5a7c702c38ef9a72f4db98aeac613a6a5725320cb9b21f95770e4760d0a921ff45455e30257b42e8a7e
- SSDEEP
  
  3072:a49WjvJgLYkrO5JBsFaOLfLc2P67LSBnDx7FX8LwJM:aekvJCYuO9SaOLTcZLc975tM
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

© 2018-2024

Terms | Privacy