ec085e53142dba2e44a6443f575e5d30142295d2004b43d0a745e262193fae45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37b236da8f5c182d9cdce7424c3be209_JaffaCakes118
Size

66KB
Sample

240711-e1646ayfqr
MD5

37b236da8f5c182d9cdce7424c3be209
SHA1

b6dd8fc3ad305ced71fca562603046edea964f24
SHA256

ec085e53142dba2e44a6443f575e5d30142295d2004b43d0a745e262193fae45
SHA512

51d24af0fb4007ab6d35d17b32aaa052d22f82e9981322138719644cce73afbd7b1b974f0b59a4f75b8c8a4353eae85ee4d4732ad1d3eaed15baef3350943c32
SSDEEP

1536:0kkizsfcQF28nrTrIuaa+vPXKbKjXa8VCPvgU25rVii64hQv+pa:sigcQF28nrQuaai79UMd64hk+0

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  37b236da8f5c182d9cdce7424c3be209_JaffaCakes118
- Size
  
  66KB
- MD5
  
  37b236da8f5c182d9cdce7424c3be209
- SHA1
  
  b6dd8fc3ad305ced71fca562603046edea964f24
- SHA256
  
  ec085e53142dba2e44a6443f575e5d30142295d2004b43d0a745e262193fae45
- SHA512
  
  51d24af0fb4007ab6d35d17b32aaa052d22f82e9981322138719644cce73afbd7b1b974f0b59a4f75b8c8a4353eae85ee4d4732ad1d3eaed15baef3350943c32
- SSDEEP
  
  1536:0kkizsfcQF28nrTrIuaa+vPXKbKjXa8VCPvgU25rVii64hQv+pa:sigcQF28nrQuaai79UMd64hk+0
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2