eefe0d54e0ad4458a6b1620811d4cc3eb61f1e0ec575c0d5ac8cf6c23611c037 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87fb775f6908faaa9f9905cd8c1d93f9_JaffaCakes118
Size

27KB
Sample

240810-2qsv4swfkc
MD5

87fb775f6908faaa9f9905cd8c1d93f9
SHA1

a3c4e13aeb2cc49d9313ff457dc9dbaec88455cf
SHA256

eefe0d54e0ad4458a6b1620811d4cc3eb61f1e0ec575c0d5ac8cf6c23611c037
SHA512

e85bbdcb099376abef35054be252d0cf5ec4c7743af9b0a7f8b39293fb80673f70f763bde431c57186ef27df946220d39812cc511c826e3d6e2ce0fa72cbd303
SSDEEP

768:YBZFQ6vjpSOJycG+L0mNvjaRziDG/jDQjjmWTe+Hc9lst0:qfdG7+L0mNvjaRziDG/jDQjjmW9Hc9CC

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  87fb775f6908faaa9f9905cd8c1d93f9_JaffaCakes118
- Size
  
  27KB
- MD5
  
  87fb775f6908faaa9f9905cd8c1d93f9
- SHA1
  
  a3c4e13aeb2cc49d9313ff457dc9dbaec88455cf
- SHA256
  
  eefe0d54e0ad4458a6b1620811d4cc3eb61f1e0ec575c0d5ac8cf6c23611c037
- SHA512
  
  e85bbdcb099376abef35054be252d0cf5ec4c7743af9b0a7f8b39293fb80673f70f763bde431c57186ef27df946220d39812cc511c826e3d6e2ce0fa72cbd303
- SSDEEP
  
  768:YBZFQ6vjpSOJycG+L0mNvjaRziDG/jDQjjmWTe+Hc9lst0:qfdG7+L0mNvjaRziDG/jDQjjmW9Hc9CC
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2