ee006269107ab065dc4a1faaa0385aee3ad742c1d9559e0903d5daf54a2c40ae | Triage

Sharing

General

Target

084a98df2578014a6a438bbebf073f3d_JaffaCakes118
Size

43KB
Sample

241002-b3bjgs1ckl
MD5

084a98df2578014a6a438bbebf073f3d
SHA1

1568f2273314c2323862beda1974c8bf92e5ba30
SHA256

ee006269107ab065dc4a1faaa0385aee3ad742c1d9559e0903d5daf54a2c40ae
SHA512

2765cf94dc047312abb14ba6e273d4276254daf8442090d5816c419ea18a68de55f18b944f527b69f3b68b6161d6e61a4a8db295816a0bd7180d216c16f306c6
SSDEEP

768:nAKiuDaSA1BlLHM+mA37Wl4VBimP0hntn7b0nAy/Q+up/f8qkTlVaxLfFi:nAKiuSvLPBPYt73y/Wp38TbkE

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  084a98df2578014a6a438bbebf073f3d_JaffaCakes118
- Size
  
  43KB
- MD5
  
  084a98df2578014a6a438bbebf073f3d
- SHA1
  
  1568f2273314c2323862beda1974c8bf92e5ba30
- SHA256
  
  ee006269107ab065dc4a1faaa0385aee3ad742c1d9559e0903d5daf54a2c40ae
- SHA512
  
  2765cf94dc047312abb14ba6e273d4276254daf8442090d5816c419ea18a68de55f18b944f527b69f3b68b6161d6e61a4a8db295816a0bd7180d216c16f306c6
- SSDEEP
  
  768:nAKiuDaSA1BlLHM+mA37Wl4VBimP0hntn7b0nAy/Q+up/f8qkTlVaxLfFi:nAKiuSvLPBPYt73y/Wp38TbkE
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence