a22f4c862e237d0e757f7023a09eac030513171a772ac392a453672375d19602 | Triage

Sharing

General

Target

87440031a2322e96b4b7f3ed0c609db0_JaffaCakes118
Size

46KB
Sample

240810-xltjmaxcje
MD5

87440031a2322e96b4b7f3ed0c609db0
SHA1

fb8703d92bd3c31957be80c7f48a8cf3b3d0298c
SHA256

a22f4c862e237d0e757f7023a09eac030513171a772ac392a453672375d19602
SHA512

4372276fd3c666d5e61faa9c024def36dbac0d0586fb184d1de3d613c0ad6550e24d7eca74bcda43c01f62e3f9ced82522329c788514b9a0a2ee1b7a698d1b6f
SSDEEP

768:wvRnZPRWqi0RaLnFFZuWGEnrFU4wDQtgt5wgFnNiFJzuLOPv:qO0W3ZuWvnrFwDQmwgFnNiFtv

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  87440031a2322e96b4b7f3ed0c609db0_JaffaCakes118
- Size
  
  46KB
- MD5
  
  87440031a2322e96b4b7f3ed0c609db0
- SHA1
  
  fb8703d92bd3c31957be80c7f48a8cf3b3d0298c
- SHA256
  
  a22f4c862e237d0e757f7023a09eac030513171a772ac392a453672375d19602
- SHA512
  
  4372276fd3c666d5e61faa9c024def36dbac0d0586fb184d1de3d613c0ad6550e24d7eca74bcda43c01f62e3f9ced82522329c788514b9a0a2ee1b7a698d1b6f
- SSDEEP
  
  768:wvRnZPRWqi0RaLnFFZuWGEnrFU4wDQtgt5wgFnNiFJzuLOPv:qO0W3ZuWvnrFwDQmwgFnNiFtv
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence