b587edb24442d8bb7d15b2714aedaf93aaeb6350450453ae17da376b8a8e1b11 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

10be58892f...18.exe

windows7-x64

7

10be58892f...18.exe

windows10-2004-x64

7

Sharing

General

Target

10be58892f42d51092947be10b725e44_JaffaCakes118
Size

4.5MB
Sample

241003-2dnevstdnf
MD5

10be58892f42d51092947be10b725e44
SHA1

8f2c40cbc2869ecfcf8278e6ad64e279252642b3
SHA256

b587edb24442d8bb7d15b2714aedaf93aaeb6350450453ae17da376b8a8e1b11
SHA512

0baf22f6e1c0adeaec87775eace58e5e0d32cb915062f52dcf8195498b6fe68d77463f13c04bb79f1cd3fc80651615692e0e846e9ea66a01d54275c3933d2341
SSDEEP

98304:/5oipkp31dW9bTobXYJb7gjbWDWmhOEadLPEtOri47d5DZ1Y2rtF53c:eimPAbTeIJb7bThbu2QX625r3c

Score

7^/10

discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

10be58892f42d51092947be10b725e44_JaffaCakes118.exe

Resource

win7-20240729-en

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

10be58892f42d51092947be10b725e44_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery persistence

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  10be58892f42d51092947be10b725e44_JaffaCakes118
- Size
  
  4.5MB
- MD5
  
  10be58892f42d51092947be10b725e44
- SHA1
  
  8f2c40cbc2869ecfcf8278e6ad64e279252642b3
- SHA256
  
  b587edb24442d8bb7d15b2714aedaf93aaeb6350450453ae17da376b8a8e1b11
- SHA512
  
  0baf22f6e1c0adeaec87775eace58e5e0d32cb915062f52dcf8195498b6fe68d77463f13c04bb79f1cd3fc80651615692e0e846e9ea66a01d54275c3933d2341
- SSDEEP
  
  98304:/5oipkp31dW9bTobXYJb7gjbWDWmhOEadLPEtOri47d5DZ1Y2rtF53c:eimPAbTeIJb7bThbu2QX625r3c
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

© 2018-2024

Terms | Privacy