f42f01c1affcc8a2568aa00c96bd1a066c2871fff6342d70c46fa97f3e4b8944 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8d4f113247f3f4990e2f23ca511e0f9_JaffaCakes118
Size

1000KB
Sample

240822-x2t54awdrl
MD5

b8d4f113247f3f4990e2f23ca511e0f9
SHA1

52ed48cbe8d3d2883934dc24f5e2b8b3757bdfd0
SHA256

f42f01c1affcc8a2568aa00c96bd1a066c2871fff6342d70c46fa97f3e4b8944
SHA512

f6d0024cf2b1684c8461a6f969b5dee4199e53d09a08186de80167f91af7f97f36914f264b2008654c2a32f55537c33b5c74b420f8c61e52c9e5c47afc552995
SSDEEP

24576:usSJc5XFE9LZwei9/hkad9MiTgoZ95w+QIeh3THCKbjYJ:usi9Lxi/lgE95whI63DCqjk

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  b8d4f113247f3f4990e2f23ca511e0f9_JaffaCakes118
- Size
  
  1000KB
- MD5
  
  b8d4f113247f3f4990e2f23ca511e0f9
- SHA1
  
  52ed48cbe8d3d2883934dc24f5e2b8b3757bdfd0
- SHA256
  
  f42f01c1affcc8a2568aa00c96bd1a066c2871fff6342d70c46fa97f3e4b8944
- SHA512
  
  f6d0024cf2b1684c8461a6f969b5dee4199e53d09a08186de80167f91af7f97f36914f264b2008654c2a32f55537c33b5c74b420f8c61e52c9e5c47afc552995
- SSDEEP
  
  24576:usSJc5XFE9LZwei9/hkad9MiTgoZ95w+QIeh3THCKbjYJ:usi9Lxi/lgE95whI63DCqjk
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence