34eece1599d0d50006df8533a9d1b2006435212c36c3936ecbbc650e8746f0f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86ddb8f74624847a55b56b199a328f54_JaffaCakes118
Size

43KB
Sample

240810-vatddaybkk
MD5

86ddb8f74624847a55b56b199a328f54
SHA1

1feca7e9c5ee6f73047ea37d01d291afc6d88178
SHA256

34eece1599d0d50006df8533a9d1b2006435212c36c3936ecbbc650e8746f0f4
SHA512

b429ccab84e0d40d2612a2fdfabc304dcd86fa29c5aef29b44273e636deb1db46f28be4572b4d7686543badda886f0c174fbbb6ee10d8376259ed064eb841103
SSDEEP

768:Fuv53X6uzpm9qFkDDZOuu/Dk9vx4XpVoAFnNVl+5fqJMxVxt6CDhOQ3:Iv53Ku9m9qeDkuZ4XpCAbWDwU

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  86ddb8f74624847a55b56b199a328f54_JaffaCakes118
- Size
  
  43KB
- MD5
  
  86ddb8f74624847a55b56b199a328f54
- SHA1
  
  1feca7e9c5ee6f73047ea37d01d291afc6d88178
- SHA256
  
  34eece1599d0d50006df8533a9d1b2006435212c36c3936ecbbc650e8746f0f4
- SHA512
  
  b429ccab84e0d40d2612a2fdfabc304dcd86fa29c5aef29b44273e636deb1db46f28be4572b4d7686543badda886f0c174fbbb6ee10d8376259ed064eb841103
- SSDEEP
  
  768:Fuv53X6uzpm9qFkDDZOuu/Dk9vx4XpVoAFnNVl+5fqJMxVxt6CDhOQ3:Iv53Ku9m9qeDkuZ4XpCAbWDwU
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence