2c357310491f6643a133870005248ef8ea4af1734358996e4edf882f17d39158 | Triage

Sharing

General

Target

64d4e3d136e8a1b8fbbacb2d3fd59979_JaffaCakes118
Size

43KB
Sample

240722-z3txtsycrc
MD5

64d4e3d136e8a1b8fbbacb2d3fd59979
SHA1

79c80a8668b4ce529563b561ff6778c9ab330e27
SHA256

2c357310491f6643a133870005248ef8ea4af1734358996e4edf882f17d39158
SHA512

fc56d85ea9dca0c115016468867978a4bece667400fdc70f7837f5cb2fbe776730921699c23a3c43f1aa67905713b44c3783cab144edd9b2eacd0152f99d0e15
SSDEEP

768:yyBnYLuyuF+C/0SYVHpgvfOpUiHf92ZSEGtpvsT51FwdC/pZPodEeEJ6Len:ycnYLuqcvY9KvGpRMZeQFwdinPydEJ66

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  64d4e3d136e8a1b8fbbacb2d3fd59979_JaffaCakes118
- Size
  
  43KB
- MD5
  
  64d4e3d136e8a1b8fbbacb2d3fd59979
- SHA1
  
  79c80a8668b4ce529563b561ff6778c9ab330e27
- SHA256
  
  2c357310491f6643a133870005248ef8ea4af1734358996e4edf882f17d39158
- SHA512
  
  fc56d85ea9dca0c115016468867978a4bece667400fdc70f7837f5cb2fbe776730921699c23a3c43f1aa67905713b44c3783cab144edd9b2eacd0152f99d0e15
- SSDEEP
  
  768:yyBnYLuyuF+C/0SYVHpgvfOpUiHf92ZSEGtpvsT51FwdC/pZPodEeEJ6Len:ycnYLuqcvY9KvGpRMZeQFwdinPydEJ66
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2