7f3e75577d1d2831143588f903262830299601f9d429854a95abbcec0e7b88c1 | Triage

Sharing

General

Target

73dc2446341699857aaf39489508f7d7_JaffaCakes118
Size

18KB
Sample

240726-nkyyaaydlf
MD5

73dc2446341699857aaf39489508f7d7
SHA1

8a10938b39576f9bd0378a02afea020938bc8e0d
SHA256

7f3e75577d1d2831143588f903262830299601f9d429854a95abbcec0e7b88c1
SHA512

1342ef514e4945f7ae7c6d65439ee364f7141e1048d8b990d2fdec574bfc1109dbe33a840634d3a051f55bb2f0586171633439ae87ec396c3cdafc004c50f3bc
SSDEEP

384:0Ersg036mz6NsUXQR3wocgjvc8MBxD8kUOvF7t139Xg1/9FqlY:og0KmzvTc4xe8kU0F7OB9FqlY

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  73dc2446341699857aaf39489508f7d7_JaffaCakes118
- Size
  
  18KB
- MD5
  
  73dc2446341699857aaf39489508f7d7
- SHA1
  
  8a10938b39576f9bd0378a02afea020938bc8e0d
- SHA256
  
  7f3e75577d1d2831143588f903262830299601f9d429854a95abbcec0e7b88c1
- SHA512
  
  1342ef514e4945f7ae7c6d65439ee364f7141e1048d8b990d2fdec574bfc1109dbe33a840634d3a051f55bb2f0586171633439ae87ec396c3cdafc004c50f3bc
- SSDEEP
  
  384:0Ersg036mz6NsUXQR3wocgjvc8MBxD8kUOvF7t139Xg1/9FqlY:og0KmzvTc4xe8kU0F7OB9FqlY
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence