190b4052567e186b607e63868873d9653674d5ff4c897800838b5a48505fd776 | Triage

Sharing

General

Target

63dde2cdbbe8e09b9fef5e9485c26bed_JaffaCakes118
Size

300KB
Sample

240521-tcv5baba59
MD5

63dde2cdbbe8e09b9fef5e9485c26bed
SHA1

477e028b20faba1bd4245355cb2bdbe79e3b84b6
SHA256

190b4052567e186b607e63868873d9653674d5ff4c897800838b5a48505fd776
SHA512

151ce5c8e7f3214b90df2ada83d9a0bc053c6547ca44dd709010b3a5c8efe2c24ca76899c3f90310357cb5ef136d4cebdff6dbc7b132c44a92ddbf288c778d82
SSDEEP

6144:YqelxZpX8FrKQUhjApycmLFY8kXKB6mgkTjkfbjIXv:Lk8ZFUupycmL+4lgkTjkfoXv

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  63dde2cdbbe8e09b9fef5e9485c26bed_JaffaCakes118
- Size
  
  300KB
- MD5
  
  63dde2cdbbe8e09b9fef5e9485c26bed
- SHA1
  
  477e028b20faba1bd4245355cb2bdbe79e3b84b6
- SHA256
  
  190b4052567e186b607e63868873d9653674d5ff4c897800838b5a48505fd776
- SHA512
  
  151ce5c8e7f3214b90df2ada83d9a0bc053c6547ca44dd709010b3a5c8efe2c24ca76899c3f90310357cb5ef136d4cebdff6dbc7b132c44a92ddbf288c778d82
- SSDEEP
  
  6144:YqelxZpX8FrKQUhjApycmLFY8kXKB6mgkTjkfbjIXv:Lk8ZFUupycmL+4lgkTjkfoXv
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2