7ec6a935ceb3f77da5aec56f5c6699a1cfa29af3629e9d570d702b45169eae71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15d23ac18b9f9aa9b81563ec8fb763c7_JaffaCakes118
Size

168KB
Sample

240627-nhxx7sydqh
MD5

15d23ac18b9f9aa9b81563ec8fb763c7
SHA1

11b949ad5f07f5c9f8ea53c66ad8edca2eaf4b85
SHA256

7ec6a935ceb3f77da5aec56f5c6699a1cfa29af3629e9d570d702b45169eae71
SHA512

742a65e381c772b07525b537007e1b9c94575052508c83810b0c58a0d7ffe19c009f191409d6c9788edac873bd6dda29842496ee353b996673aed34dfe99fbf0
SSDEEP

3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8W:o68i3odBiTl2+TCU/c

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  15d23ac18b9f9aa9b81563ec8fb763c7_JaffaCakes118
- Size
  
  168KB
- MD5
  
  15d23ac18b9f9aa9b81563ec8fb763c7
- SHA1
  
  11b949ad5f07f5c9f8ea53c66ad8edca2eaf4b85
- SHA256
  
  7ec6a935ceb3f77da5aec56f5c6699a1cfa29af3629e9d570d702b45169eae71
- SHA512
  
  742a65e381c772b07525b537007e1b9c94575052508c83810b0c58a0d7ffe19c009f191409d6c9788edac873bd6dda29842496ee353b996673aed34dfe99fbf0
- SSDEEP
  
  3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8W:o68i3odBiTl2+TCU/c
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2