894b1035b22d5321155f5ee74f590eabb7c52aa554bcadeb0b4c28be93ee9747 | Triage

Sharing

General

Target

688e14c833fbf6c95e9650360d02dd0c_JaffaCakes118
Size

291KB
Sample

240522-zfqxnafh58
MD5

688e14c833fbf6c95e9650360d02dd0c
SHA1

44df08300d83f1d8b8d718b8f7a784ff7e9c70a0
SHA256

894b1035b22d5321155f5ee74f590eabb7c52aa554bcadeb0b4c28be93ee9747
SHA512

6149170aea4880962d5f28f35a0cd6758ee29326b04ebe73323dbe0850623cbbece20f706d95119add021caf34a642f34a52695fcfe8bf5f20eab11b904a3e37
SSDEEP

6144:wZUyi7Uh0WQaaAJ0UU4BVSEqkm+mYcy9BhcjhLh1sz3s2m:wip7UhEaJJ0UGENJmVyPhqJnMs3

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  688e14c833fbf6c95e9650360d02dd0c_JaffaCakes118
- Size
  
  291KB
- MD5
  
  688e14c833fbf6c95e9650360d02dd0c
- SHA1
  
  44df08300d83f1d8b8d718b8f7a784ff7e9c70a0
- SHA256
  
  894b1035b22d5321155f5ee74f590eabb7c52aa554bcadeb0b4c28be93ee9747
- SHA512
  
  6149170aea4880962d5f28f35a0cd6758ee29326b04ebe73323dbe0850623cbbece20f706d95119add021caf34a642f34a52695fcfe8bf5f20eab11b904a3e37
- SSDEEP
  
  6144:wZUyi7Uh0WQaaAJ0UU4BVSEqkm+mYcy9BhcjhLh1sz3s2m:wip7UhEaJJ0UGENJmVyPhqJnMs3
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2