d8ef46c5a86dc8ba10ea1fa6a88e41fed256f8d388be05254f4b0c3cfab92163 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24b0fc146a8243d7b084000975fdd515_JaffaCakes118
Size

66KB
Sample

240704-fhtxjsxdrb
MD5

24b0fc146a8243d7b084000975fdd515
SHA1

5e4582694aa63d53b41848498edae98f9b5cdcac
SHA256

d8ef46c5a86dc8ba10ea1fa6a88e41fed256f8d388be05254f4b0c3cfab92163
SHA512

29fcf4fa0e7074eec6f10862c7eed5a48edb350bfd256c0003735f8123998d2d1cb466c54b7ddbd6587fe369c467e4d39a2090dace8169abb14a539cc980fb66
SSDEEP

1536:Xkki0LRzoMPpIxFFAVCnSNz6lDEGa7n7AsV3Mqmbd1lo:Rik4x++Y37pmN5Lo

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  24b0fc146a8243d7b084000975fdd515_JaffaCakes118
- Size
  
  66KB
- MD5
  
  24b0fc146a8243d7b084000975fdd515
- SHA1
  
  5e4582694aa63d53b41848498edae98f9b5cdcac
- SHA256
  
  d8ef46c5a86dc8ba10ea1fa6a88e41fed256f8d388be05254f4b0c3cfab92163
- SHA512
  
  29fcf4fa0e7074eec6f10862c7eed5a48edb350bfd256c0003735f8123998d2d1cb466c54b7ddbd6587fe369c467e4d39a2090dace8169abb14a539cc980fb66
- SSDEEP
  
  1536:Xkki0LRzoMPpIxFFAVCnSNz6lDEGa7n7AsV3Mqmbd1lo:Rik4x++Y37pmN5Lo
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2