f23a17da7384a9bdd9a13c9b089a6f1695d62a3500a8d6fe9691dc2308e63f36 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b4d5a8159695c59f5d3acbdd915f7e3_JaffaCakes118
Size

84KB
Sample

240712-apla4a1clq
MD5

3b4d5a8159695c59f5d3acbdd915f7e3
SHA1

69d4839f434fada124d9c9a0706629acfde011c8
SHA256

f23a17da7384a9bdd9a13c9b089a6f1695d62a3500a8d6fe9691dc2308e63f36
SHA512

6e4b1833a4311772557445666ca936bdd6536f0024f9c4c6889acc6c3f9d3adad7bffa2a6d0e84e1751ca58c573b2bfd310efc20f9f13d391055ae0de2da69be
SSDEEP

1536:LIgwJEuejMHreg7FOnb5CRAjqlvX8glxB5YyFjN+8gBA9zlXnXJ4441:mBlFu4SjIzlxTYZKX4441

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3b4d5a8159695c59f5d3acbdd915f7e3_JaffaCakes118
- Size
  
  84KB
- MD5
  
  3b4d5a8159695c59f5d3acbdd915f7e3
- SHA1
  
  69d4839f434fada124d9c9a0706629acfde011c8
- SHA256
  
  f23a17da7384a9bdd9a13c9b089a6f1695d62a3500a8d6fe9691dc2308e63f36
- SHA512
  
  6e4b1833a4311772557445666ca936bdd6536f0024f9c4c6889acc6c3f9d3adad7bffa2a6d0e84e1751ca58c573b2bfd310efc20f9f13d391055ae0de2da69be
- SSDEEP
  
  1536:LIgwJEuejMHreg7FOnb5CRAjqlvX8glxB5YyFjN+8gBA9zlXnXJ4441:mBlFu4SjIzlxTYZKX4441
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2