7285c09b613a6d73bd7982011a13abdf56c39a2302d88a314b47836eb426ba4e | Triage

Sharing

General

Target

70e49a354e53708d81202744ae8fc1c6_JaffaCakes118
Size

57KB
Sample

240725-x1rnksyhmp
MD5

70e49a354e53708d81202744ae8fc1c6
SHA1

24746e0dbaa653171c308be8759d866e91e61a2f
SHA256

7285c09b613a6d73bd7982011a13abdf56c39a2302d88a314b47836eb426ba4e
SHA512

a1a132cb17b9fae471633dd3c30c4fc7b1b1cbee61ff302e008b0b910f78ed943a2c26dcc183d3615e9685a8d4b36755de6f98a03993fd592f89d6f942cdc84c
SSDEEP

1536:MYE8pu3/c5YtKIuaHQ3mZUdkjXDRFdy7ABwj8AoUwLPb2:MYE8pu3/c5YtKIuaHQ3mZUdkjNy7c28I

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  70e49a354e53708d81202744ae8fc1c6_JaffaCakes118
- Size
  
  57KB
- MD5
  
  70e49a354e53708d81202744ae8fc1c6
- SHA1
  
  24746e0dbaa653171c308be8759d866e91e61a2f
- SHA256
  
  7285c09b613a6d73bd7982011a13abdf56c39a2302d88a314b47836eb426ba4e
- SHA512
  
  a1a132cb17b9fae471633dd3c30c4fc7b1b1cbee61ff302e008b0b910f78ed943a2c26dcc183d3615e9685a8d4b36755de6f98a03993fd592f89d6f942cdc84c
- SSDEEP
  
  1536:MYE8pu3/c5YtKIuaHQ3mZUdkjXDRFdy7ABwj8AoUwLPb2:MYE8pu3/c5YtKIuaHQ3mZUdkjNy7c28I
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence