f418a4d02c9e155e192e34a8c91f01ae96af15699bbc1ab1073e75acaa9a0b87 | Triage

Sharing

General

Target

ba33cafd58294e0f8b51da1fd785ae22_JaffaCakes118
Size

232KB
Sample

240823-d52vkawamr
MD5

ba33cafd58294e0f8b51da1fd785ae22
SHA1

64eb6eb356506834ddde61a5a4269323f2ecd570
SHA256

f418a4d02c9e155e192e34a8c91f01ae96af15699bbc1ab1073e75acaa9a0b87
SHA512

6c144bb8247f89f545416d01e4707de53fc5bc781a18bdee6f7c35340622ef4a59d2e1deff10fe088f0688b996fbb55ad34d51d9cb093ee2d3aa23e40a2746ff
SSDEEP

6144:Zyz3PFKs78vpRTlEqxF6snji81RUinKbLOP:uPhpm

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  ba33cafd58294e0f8b51da1fd785ae22_JaffaCakes118
- Size
  
  232KB
- MD5
  
  ba33cafd58294e0f8b51da1fd785ae22
- SHA1
  
  64eb6eb356506834ddde61a5a4269323f2ecd570
- SHA256
  
  f418a4d02c9e155e192e34a8c91f01ae96af15699bbc1ab1073e75acaa9a0b87
- SHA512
  
  6c144bb8247f89f545416d01e4707de53fc5bc781a18bdee6f7c35340622ef4a59d2e1deff10fe088f0688b996fbb55ad34d51d9cb093ee2d3aa23e40a2746ff
- SSDEEP
  
  6144:Zyz3PFKs78vpRTlEqxF6snji81RUinKbLOP:uPhpm
Score

10^/10

discovery evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence