916ff7cad53410a3b01cade5d1080fa7df4666fb313dc5d1a95b259d199667c6 | Triage

Sharing

General

Target

12cb035a4cb17effd80a05320bd2b39b_JaffaCakes118
Size

472KB
Sample

240328-3hx1jabf5v
MD5

12cb035a4cb17effd80a05320bd2b39b
SHA1

d67e4c2a2960510596b846b1e08c17254f67db23
SHA256

916ff7cad53410a3b01cade5d1080fa7df4666fb313dc5d1a95b259d199667c6
SHA512

0421f1188b74530b609ad5ff8739dc0d22b8dad334ae65db807b36d146f1cae79aa462363edfbdf48f8e784446c4090433984b6eae87808139557add52306d95
SSDEEP

12288:TNodBiTI+TpZA6EZO7KUQRZ66z24VZbdrpgrXN2LWzmidN:ZoPD+TpZ3vKU6Z66z24VZbFpgJ2LWzm+

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  12cb035a4cb17effd80a05320bd2b39b_JaffaCakes118
- Size
  
  472KB
- MD5
  
  12cb035a4cb17effd80a05320bd2b39b
- SHA1
  
  d67e4c2a2960510596b846b1e08c17254f67db23
- SHA256
  
  916ff7cad53410a3b01cade5d1080fa7df4666fb313dc5d1a95b259d199667c6
- SHA512
  
  0421f1188b74530b609ad5ff8739dc0d22b8dad334ae65db807b36d146f1cae79aa462363edfbdf48f8e784446c4090433984b6eae87808139557add52306d95
- SSDEEP
  
  12288:TNodBiTI+TpZA6EZO7KUQRZ66z24VZbdrpgrXN2LWzmidN:ZoPD+TpZ3vKU6Z66z24VZbFpgJ2LWzm+
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2