700bb338ef7b0403acfbc4e533258b4450be6391acfd8eeeffede8cda3681d45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da65581bf58d8104c1a09af8c6264f62_JaffaCakes118
Size

43KB
Sample

240911-p7mn7s1fql
MD5

da65581bf58d8104c1a09af8c6264f62
SHA1

801a8df161bbeb42846c81a5d24b08e3e6e85fba
SHA256

700bb338ef7b0403acfbc4e533258b4450be6391acfd8eeeffede8cda3681d45
SHA512

93dba0406bcc7f9c13ddbd40c5274c63779a0c47eaf2f646ef8836069195dd2b446cedbfd54196ebd6d2414d748627a7b4f74aaca0e9be2aa4c1428e41d348fe
SSDEEP

768:0+1PNAymFrY8f7dq/G3utf14Pv2+7r5IO93uFW3ca7kgI+gKc+uZp0Knw5/zwo3:3L7mFn7dwG+t94PVl5eW3kgIzpZp035t

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  da65581bf58d8104c1a09af8c6264f62_JaffaCakes118
- Size
  
  43KB
- MD5
  
  da65581bf58d8104c1a09af8c6264f62
- SHA1
  
  801a8df161bbeb42846c81a5d24b08e3e6e85fba
- SHA256
  
  700bb338ef7b0403acfbc4e533258b4450be6391acfd8eeeffede8cda3681d45
- SHA512
  
  93dba0406bcc7f9c13ddbd40c5274c63779a0c47eaf2f646ef8836069195dd2b446cedbfd54196ebd6d2414d748627a7b4f74aaca0e9be2aa4c1428e41d348fe
- SSDEEP
  
  768:0+1PNAymFrY8f7dq/G3utf14Pv2+7r5IO93uFW3ca7kgI+gKc+uZp0Knw5/zwo3:3L7mFn7dwG+t94PVl5eW3kgIzpZp035t
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence