c8a657cd6b152b08ae360bba97995edd279e8dad273d9055f97ee91e16c302e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88c71b4476cc7b5f910a89e858373756_JaffaCakes118
Size

21KB
Sample

240811-dqhs5swgjb
MD5

88c71b4476cc7b5f910a89e858373756
SHA1

f71fd69ef71e81205f91fb58da5b8a5dd31ac5d9
SHA256

c8a657cd6b152b08ae360bba97995edd279e8dad273d9055f97ee91e16c302e6
SHA512

8556f508c40364321e1de9c8157d4373539dffddd44d0db30b7e33193627b67de7fa20e0b8f6152b12c6804a86128ecc7157374b40cf767b1f14cfce1c6ae310
SSDEEP

384:cLj2ZlDd72I7iL5j9hnoHdV7Ld0IDMurMJJH9ELjkd7cInIrk:6mqz5xhno9VF0IOHb73Irk

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  88c71b4476cc7b5f910a89e858373756_JaffaCakes118
- Size
  
  21KB
- MD5
  
  88c71b4476cc7b5f910a89e858373756
- SHA1
  
  f71fd69ef71e81205f91fb58da5b8a5dd31ac5d9
- SHA256
  
  c8a657cd6b152b08ae360bba97995edd279e8dad273d9055f97ee91e16c302e6
- SHA512
  
  8556f508c40364321e1de9c8157d4373539dffddd44d0db30b7e33193627b67de7fa20e0b8f6152b12c6804a86128ecc7157374b40cf767b1f14cfce1c6ae310
- SSDEEP
  
  384:cLj2ZlDd72I7iL5j9hnoHdV7Ld0IDMurMJJH9ELjkd7cInIrk:6mqz5xhno9VF0IOHb73Irk
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2