81233a60a00f9ceca0b97caccc717d58dcb8d5739a612ca47aaae517306fb192 | Triage

Sharing

General

Target

83afda3367cd7f6b82d6ab483d1e923e_JaffaCakes118
Size

17KB
Sample

240809-1rhwvs1bpk
MD5

83afda3367cd7f6b82d6ab483d1e923e
SHA1

cafd03d260613936662a34f77d49f83bc51ecf6d
SHA256

81233a60a00f9ceca0b97caccc717d58dcb8d5739a612ca47aaae517306fb192
SHA512

1fe94b34da81a4b33856e3203271b8fac9c3222f344b43460437fe8f7d4cf5407418c664e4b8fe1d5c9f7566b236b4a636bbe7de06657b4818c70fa9d53e691e
SSDEEP

384:atPEVxH3L5TkLrg4iq+LRIgy64FyKJACzYcCe:aVEXbJk3Kmy4FzYcCe

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  83afda3367cd7f6b82d6ab483d1e923e_JaffaCakes118
- Size
  
  17KB
- MD5
  
  83afda3367cd7f6b82d6ab483d1e923e
- SHA1
  
  cafd03d260613936662a34f77d49f83bc51ecf6d
- SHA256
  
  81233a60a00f9ceca0b97caccc717d58dcb8d5739a612ca47aaae517306fb192
- SHA512
  
  1fe94b34da81a4b33856e3203271b8fac9c3222f344b43460437fe8f7d4cf5407418c664e4b8fe1d5c9f7566b236b4a636bbe7de06657b4818c70fa9d53e691e
- SSDEEP
  
  384:atPEVxH3L5TkLrg4iq+LRIgy64FyKJACzYcCe:aVEXbJk3Kmy4FzYcCe
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2