e5824d1d544b06377e4fa96676731c438f3f29168929955c5f380196f3e32966 | Triage

Sharing

General

Target

f6ca6cdfb767c631d6711e8d7fecf1d6_JaffaCakes118
Size

194KB
Sample

240417-3ah7eaad9v
MD5

f6ca6cdfb767c631d6711e8d7fecf1d6
SHA1

db9aa4e579998cb751031f026556bf4a08f9f5fe
SHA256

e5824d1d544b06377e4fa96676731c438f3f29168929955c5f380196f3e32966
SHA512

303d36162a214edf0ee5a33fdf9fd765512e136cf83618e5255dbd4034aa93903b328bb47e31fb20aac6c3475eae6121658425bf06b254ba5d7da0336954cf69
SSDEEP

3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8AkgnYD:o68i3odBiTl2+TCU/Wk8s

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f6ca6cdfb767c631d6711e8d7fecf1d6_JaffaCakes118
- Size
  
  194KB
- MD5
  
  f6ca6cdfb767c631d6711e8d7fecf1d6
- SHA1
  
  db9aa4e579998cb751031f026556bf4a08f9f5fe
- SHA256
  
  e5824d1d544b06377e4fa96676731c438f3f29168929955c5f380196f3e32966
- SHA512
  
  303d36162a214edf0ee5a33fdf9fd765512e136cf83618e5255dbd4034aa93903b328bb47e31fb20aac6c3475eae6121658425bf06b254ba5d7da0336954cf69
- SSDEEP
  
  3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8AkgnYD:o68i3odBiTl2+TCU/Wk8s
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2