79551a8aa1675bf043646abf29e5f58587fd62f6256fdd82a15388b9ea749267 | Triage

Sharing

General

Target

8ca6b8ebd48b0e805eff8b8eadff8712_JaffaCakes118
Size

170KB
Sample

240812-a39kvaxbrm
MD5

8ca6b8ebd48b0e805eff8b8eadff8712
SHA1

4e0d4594c8dcf2efc0acd6beb233c7d4c5f421de
SHA256

79551a8aa1675bf043646abf29e5f58587fd62f6256fdd82a15388b9ea749267
SHA512

f00b0d477088d32a9acec7ec8866bab8e7b8d97899e6ac742393aeda16f669af409d474ab3cb06fadb60b7bfed9aeca522fec1ba4f45b246b46a310aec9f7fd7
SSDEEP

3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8D:o68i3odBiTl2+TCU/V

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  8ca6b8ebd48b0e805eff8b8eadff8712_JaffaCakes118
- Size
  
  170KB
- MD5
  
  8ca6b8ebd48b0e805eff8b8eadff8712
- SHA1
  
  4e0d4594c8dcf2efc0acd6beb233c7d4c5f421de
- SHA256
  
  79551a8aa1675bf043646abf29e5f58587fd62f6256fdd82a15388b9ea749267
- SHA512
  
  f00b0d477088d32a9acec7ec8866bab8e7b8d97899e6ac742393aeda16f669af409d474ab3cb06fadb60b7bfed9aeca522fec1ba4f45b246b46a310aec9f7fd7
- SSDEEP
  
  3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8D:o68i3odBiTl2+TCU/V
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence