7df85ec48220dba1dcc92dd509e1181b4cbc5da8e2e4068f9ee58a9ece8782d7 | Triage

Sharing

General

Target

bd95366fe4d1cb7a7756c50d3bb9cd9e_JaffaCakes118
Size

39KB
Sample

240823-3qrtgswbnj
MD5

bd95366fe4d1cb7a7756c50d3bb9cd9e
SHA1

15171481741f879792a69227706bd40bc568df44
SHA256

7df85ec48220dba1dcc92dd509e1181b4cbc5da8e2e4068f9ee58a9ece8782d7
SHA512

71f1f52f128b7c33c0dcf7cb1a99a4b65a5cb4aa873605ac00d7182f109afa7d27696cb6e9acc8342a929921abe10ee498ea08ed8e967b85bf4ec2c9557bb14f
SSDEEP

768:N5pirB5s2qzoeqB0RPlJUUWPqG9a/t9UMoeDE4eL6UssVlfZMBiYC:N5pircBUv2RPLAPqGY/t9U5eDEjesVlp

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  bd95366fe4d1cb7a7756c50d3bb9cd9e_JaffaCakes118
- Size
  
  39KB
- MD5
  
  bd95366fe4d1cb7a7756c50d3bb9cd9e
- SHA1
  
  15171481741f879792a69227706bd40bc568df44
- SHA256
  
  7df85ec48220dba1dcc92dd509e1181b4cbc5da8e2e4068f9ee58a9ece8782d7
- SHA512
  
  71f1f52f128b7c33c0dcf7cb1a99a4b65a5cb4aa873605ac00d7182f109afa7d27696cb6e9acc8342a929921abe10ee498ea08ed8e967b85bf4ec2c9557bb14f
- SSDEEP
  
  768:N5pirB5s2qzoeqB0RPlJUUWPqG9a/t9UMoeDE4eL6UssVlfZMBiYC:N5pircBUv2RPLAPqGY/t9U5eDEjesVlp
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence