35a3cffedae27c865d539e4a17941bd56de3a957900ed4dd162fc2150a69dbb2 | Triage

Sharing

General

Target

4b70f83599510d7a5e8835a3f54138b8_JaffaCakes118
Size

422KB
Sample

240715-z5jjwascmf
MD5

4b70f83599510d7a5e8835a3f54138b8
SHA1

b2b1bacca6baea0868b0f709d6570ea361fb6cc0
SHA256

35a3cffedae27c865d539e4a17941bd56de3a957900ed4dd162fc2150a69dbb2
SHA512

5547f4737133fde3cf2f5b6e063305d75cffe0071b69b2c78e1cfbd978b8cf51d28542933117e2a124aec3ec27046eb1f9a4124177644b642afa93d9e86f152c
SSDEEP

12288:H3BEaZsRDHux7TSFqq2x49QTLpzkvFMPVrk7e0yk:hZsRDi7Tiv2x4eyMdrk7e0

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4b70f83599510d7a5e8835a3f54138b8_JaffaCakes118
- Size
  
  422KB
- MD5
  
  4b70f83599510d7a5e8835a3f54138b8
- SHA1
  
  b2b1bacca6baea0868b0f709d6570ea361fb6cc0
- SHA256
  
  35a3cffedae27c865d539e4a17941bd56de3a957900ed4dd162fc2150a69dbb2
- SHA512
  
  5547f4737133fde3cf2f5b6e063305d75cffe0071b69b2c78e1cfbd978b8cf51d28542933117e2a124aec3ec27046eb1f9a4124177644b642afa93d9e86f152c
- SSDEEP
  
  12288:H3BEaZsRDHux7TSFqq2x49QTLpzkvFMPVrk7e0yk:hZsRDi7Tiv2x4eyMdrk7e0
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2