b6d7b4f946942a910f240017add9f48d7b465ae33ed89481ec4284abc6033aca | Triage

Sharing

General

Target

0692774b9ac4abf855fd0f2ad828bd96_JaffaCakes118
Size

422KB
Sample

240620-q44zra1bmh
MD5

0692774b9ac4abf855fd0f2ad828bd96
SHA1

6177a2973bd979875b5849de3c9855af36518504
SHA256

b6d7b4f946942a910f240017add9f48d7b465ae33ed89481ec4284abc6033aca
SHA512

2610139ccec0207ac4c834d6352969dd944432b5bde9fc4b000a68e32ced87a942d70b7fb555378c8925846d6ead4a5d3241c9e9d83491743406f5dbb4e2100f
SSDEEP

12288:H3BEaZsRDHux7TSFqq2x4jLpzkvFMPVrk7e0yk:hZsRDi7Tiv2x4jyMdrk7e0

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  0692774b9ac4abf855fd0f2ad828bd96_JaffaCakes118
- Size
  
  422KB
- MD5
  
  0692774b9ac4abf855fd0f2ad828bd96
- SHA1
  
  6177a2973bd979875b5849de3c9855af36518504
- SHA256
  
  b6d7b4f946942a910f240017add9f48d7b465ae33ed89481ec4284abc6033aca
- SHA512
  
  2610139ccec0207ac4c834d6352969dd944432b5bde9fc4b000a68e32ced87a942d70b7fb555378c8925846d6ead4a5d3241c9e9d83491743406f5dbb4e2100f
- SSDEEP
  
  12288:H3BEaZsRDHux7TSFqq2x4jLpzkvFMPVrk7e0yk:hZsRDi7Tiv2x4jyMdrk7e0
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2