16df2c97a360e199f3fc56c60196ddc74ab5e638b83378f4137e2cd87e37530b | Triage

Sharing

General

Target

719ae9c704f6f32f2dc75e78a0561056_JaffaCakes118
Size

389KB
Sample

240725-2z57ss1amj
MD5

719ae9c704f6f32f2dc75e78a0561056
SHA1

741653be095334d5d30f0573166715da9604a62e
SHA256

16df2c97a360e199f3fc56c60196ddc74ab5e638b83378f4137e2cd87e37530b
SHA512

59abadfffe7f6fc9b9fec84c638fa57c3b7b5f7f6e7525cf2b97914a78fe699a9a71e8a4124929eb594a0fd1014073322dd6ef575e632e3838e65d1b63a6dba5
SSDEEP

6144:CTjNddmi0JzmImfPVhHk0813ejg57nrV7IubXoXjTNlmiiswQYtd+YhyPNHCl/:2Ndd3+zmn1U1u+rVUmoX0swrtd7G5o

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  719ae9c704f6f32f2dc75e78a0561056_JaffaCakes118
- Size
  
  389KB
- MD5
  
  719ae9c704f6f32f2dc75e78a0561056
- SHA1
  
  741653be095334d5d30f0573166715da9604a62e
- SHA256
  
  16df2c97a360e199f3fc56c60196ddc74ab5e638b83378f4137e2cd87e37530b
- SHA512
  
  59abadfffe7f6fc9b9fec84c638fa57c3b7b5f7f6e7525cf2b97914a78fe699a9a71e8a4124929eb594a0fd1014073322dd6ef575e632e3838e65d1b63a6dba5
- SSDEEP
  
  6144:CTjNddmi0JzmImfPVhHk0813ejg57nrV7IubXoXjTNlmiiswQYtd+YhyPNHCl/:2Ndd3+zmn1U1u+rVUmoX0swrtd7G5o
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence