d27f0bba951412e4bb88c919e54ad61f9244c0aa6d211e376b5848d296adedd1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9499235904f39c6f3edd38d9bc7a0819_JaffaCakes118
Size

28KB
Sample

240813-y55axavakc
MD5

9499235904f39c6f3edd38d9bc7a0819
SHA1

c892ebcaa9026d3e29a4dee9c724d4b45cfd7e7f
SHA256

d27f0bba951412e4bb88c919e54ad61f9244c0aa6d211e376b5848d296adedd1
SHA512

56b23db2bfd17526789bc03f15f3e402665b9da793711ca3267bcd40bd047e2d6a071c1987410bace2819553e513352094bf4ebe0115c6192bb268ca58fccc7f
SSDEEP

384:Izms1b6bDSmpwdwcxmBktoVC6vnGRnZ6Fa9dULok:an1Kdp9cxZoIenGRnQFHo

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  9499235904f39c6f3edd38d9bc7a0819_JaffaCakes118
- Size
  
  28KB
- MD5
  
  9499235904f39c6f3edd38d9bc7a0819
- SHA1
  
  c892ebcaa9026d3e29a4dee9c724d4b45cfd7e7f
- SHA256
  
  d27f0bba951412e4bb88c919e54ad61f9244c0aa6d211e376b5848d296adedd1
- SHA512
  
  56b23db2bfd17526789bc03f15f3e402665b9da793711ca3267bcd40bd047e2d6a071c1987410bace2819553e513352094bf4ebe0115c6192bb268ca58fccc7f
- SSDEEP
  
  384:Izms1b6bDSmpwdwcxmBktoVC6vnGRnZ6Fa9dULok:an1Kdp9cxZoIenGRnQFHo
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence