d774d7e556f4fcb97e8f7349c4e54ad212eede5ab74f1ba0eaa61009b657bdb3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba7ebbe42b7215e9776d9ca0e648f442_JaffaCakes118
Size

11KB
Sample

240823-fyz4haxbjd
MD5

ba7ebbe42b7215e9776d9ca0e648f442
SHA1

d895e22ae73865b8b49dc711b1af37c0a64f23b2
SHA256

d774d7e556f4fcb97e8f7349c4e54ad212eede5ab74f1ba0eaa61009b657bdb3
SHA512

625b3942384863b427bd28a133c6da855d2aca94991997440ea40d92cd3c449d3e6c12d676c2d4201069fde809adc660f90a6aece3ff81d6cac24384ec1b0e6c
SSDEEP

192:PZH+V+cXezw8XvjzS29KvHzIo11J/lqZI:R+IcXeUWjzSAJo11bqu

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ba7ebbe42b7215e9776d9ca0e648f442_JaffaCakes118
- Size
  
  11KB
- MD5
  
  ba7ebbe42b7215e9776d9ca0e648f442
- SHA1
  
  d895e22ae73865b8b49dc711b1af37c0a64f23b2
- SHA256
  
  d774d7e556f4fcb97e8f7349c4e54ad212eede5ab74f1ba0eaa61009b657bdb3
- SHA512
  
  625b3942384863b427bd28a133c6da855d2aca94991997440ea40d92cd3c449d3e6c12d676c2d4201069fde809adc660f90a6aece3ff81d6cac24384ec1b0e6c
- SSDEEP
  
  192:PZH+V+cXezw8XvjzS29KvHzIo11J/lqZI:R+IcXeUWjzSAJo11bqu
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence