a5653761a6a7907770aef2ce11531d08268256e32fb05f94eb04ab84f89abcda | Triage

Sharing

General

Target

eaa1201e57af2322498e83f38be30185_JaffaCakes118
Size

68KB
Sample

240919-fmjmdasaqa
MD5

eaa1201e57af2322498e83f38be30185
SHA1

03226d0ae8c47cb578e9e4b7329f0f35a2308952
SHA256

a5653761a6a7907770aef2ce11531d08268256e32fb05f94eb04ab84f89abcda
SHA512

88c923f52eb0730e243b55f85e4d146cea27088a4e26284010133e25b0b4bdfeb98b1316f39bc9f260ca607e4ff1cf90ab835648047513b98b8c9fe1aa4bd50e
SSDEEP

1536:F5neEhlcTW5sk13tf2XDWINndIcN6J5aOk/nl9Oj3wi:nnj93tfUyINndIc0J5aOQA9

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  eaa1201e57af2322498e83f38be30185_JaffaCakes118
- Size
  
  68KB
- MD5
  
  eaa1201e57af2322498e83f38be30185
- SHA1
  
  03226d0ae8c47cb578e9e4b7329f0f35a2308952
- SHA256
  
  a5653761a6a7907770aef2ce11531d08268256e32fb05f94eb04ab84f89abcda
- SHA512
  
  88c923f52eb0730e243b55f85e4d146cea27088a4e26284010133e25b0b4bdfeb98b1316f39bc9f260ca607e4ff1cf90ab835648047513b98b8c9fe1aa4bd50e
- SSDEEP
  
  1536:F5neEhlcTW5sk13tf2XDWINndIcN6J5aOk/nl9Oj3wi:nnj93tfUyINndIc0J5aOQA9
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence