1fe8d73f917a8390b049746a93f9726f84db515dc3df19a7608a7f61ce78d4f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd0c99bc4741da5e01026c0f20fbf51f_JaffaCakes118
Size

129KB
Sample

240912-zwx1xavfkf
MD5

dd0c99bc4741da5e01026c0f20fbf51f
SHA1

59aed183ad9bbb015035a37e375ee2fc610e3bc8
SHA256

1fe8d73f917a8390b049746a93f9726f84db515dc3df19a7608a7f61ce78d4f5
SHA512

94af81703b8f35db25c187a382b5190aec11da0153e30bc6494a4195cf15b0d3a72892915fac7eb06bd43f6070c50853a8fcb1ae0f4ec7f2f3fcdf4fa30c289c
SSDEEP

1536:fs8p0q08+9wYfwvwhWeXaLl/BmenrbRksgqsZKPFQ9tzNU1Naa9QSM0nUkdpranX:fje8+9Avuqqm8q8KPFQrNUj6XKM

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  dd0c99bc4741da5e01026c0f20fbf51f_JaffaCakes118
- Size
  
  129KB
- MD5
  
  dd0c99bc4741da5e01026c0f20fbf51f
- SHA1
  
  59aed183ad9bbb015035a37e375ee2fc610e3bc8
- SHA256
  
  1fe8d73f917a8390b049746a93f9726f84db515dc3df19a7608a7f61ce78d4f5
- SHA512
  
  94af81703b8f35db25c187a382b5190aec11da0153e30bc6494a4195cf15b0d3a72892915fac7eb06bd43f6070c50853a8fcb1ae0f4ec7f2f3fcdf4fa30c289c
- SSDEEP
  
  1536:fs8p0q08+9wYfwvwhWeXaLl/BmenrbRksgqsZKPFQ9tzNU1Naa9QSM0nUkdpranX:fje8+9Avuqqm8q8KPFQrNUj6XKM
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence