080317dd5bafc6860954738443c05f42e8e959f30a5d08d4d310f2eb7faa879f | Triage

Sharing

General

Target

9477752356061d4faf949916e4bbd40f_JaffaCakes118
Size

56KB
Sample

240813-yem9pssfmd
MD5

9477752356061d4faf949916e4bbd40f
SHA1

9d3c085ee6d683c76084a95317d3efff917dba0b
SHA256

080317dd5bafc6860954738443c05f42e8e959f30a5d08d4d310f2eb7faa879f
SHA512

8b8833c73d474acfe57549b23cd82bc4a698358bae05bdb5b83fb82386ec201be0acfb217ceb0d8d646cd1aefae244bb3a729576cd9ea759b9d6f4285e4ee449
SSDEEP

768:zxZzb78qLn+ONZm+fQDiB9sOL+JnXQlSqf4tHBqVlkG4GH3D0:Eqa40+zLqu4t4kG42D

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  9477752356061d4faf949916e4bbd40f_JaffaCakes118
- Size
  
  56KB
- MD5
  
  9477752356061d4faf949916e4bbd40f
- SHA1
  
  9d3c085ee6d683c76084a95317d3efff917dba0b
- SHA256
  
  080317dd5bafc6860954738443c05f42e8e959f30a5d08d4d310f2eb7faa879f
- SHA512
  
  8b8833c73d474acfe57549b23cd82bc4a698358bae05bdb5b83fb82386ec201be0acfb217ceb0d8d646cd1aefae244bb3a729576cd9ea759b9d6f4285e4ee449
- SSDEEP
  
  768:zxZzb78qLn+ONZm+fQDiB9sOL+JnXQlSqf4tHBqVlkG4GH3D0:Eqa40+zLqu4t4kG42D
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence