c53764067dd63a6965d5e5a0986926e32bb8160653ac8c95a8812d36a084d77a | Triage

Sharing

General

Target

bbe783342462dc10209a2fc809ecd72b_JaffaCakes118
Size

197KB
Sample

240823-qmyfmsweke
MD5

bbe783342462dc10209a2fc809ecd72b
SHA1

e805a1bb98fa4edb9f21bb1cbf095134cb632890
SHA256

c53764067dd63a6965d5e5a0986926e32bb8160653ac8c95a8812d36a084d77a
SHA512

cc08721b2a6cb014d2ceedd58c3173a92e600286eecbd7333cd57bfb83fb996f92bc169293b21b8d9b73b2cbcad8ec2a3afa516e937351f7114bc58dcc43a03b
SSDEEP

3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/B8wkgWkgnx:o68i3odBiTl2+TCU/hkzk8x

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  bbe783342462dc10209a2fc809ecd72b_JaffaCakes118
- Size
  
  197KB
- MD5
  
  bbe783342462dc10209a2fc809ecd72b
- SHA1
  
  e805a1bb98fa4edb9f21bb1cbf095134cb632890
- SHA256
  
  c53764067dd63a6965d5e5a0986926e32bb8160653ac8c95a8812d36a084d77a
- SHA512
  
  cc08721b2a6cb014d2ceedd58c3173a92e600286eecbd7333cd57bfb83fb996f92bc169293b21b8d9b73b2cbcad8ec2a3afa516e937351f7114bc58dcc43a03b
- SSDEEP
  
  3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/B8wkgWkgnx:o68i3odBiTl2+TCU/hkzk8x
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence