397542e21e11a1520823603525e7fb90cf2f0bcae852f4918426171ca51e8ecc | Triage

Sharing

General

Target

be3d0f7adf5087be97f3d1bc7e6f8354_JaffaCakes118
Size

4KB
Sample

240824-kkmngatejq
MD5

be3d0f7adf5087be97f3d1bc7e6f8354
SHA1

95be89e38bb8f2a116e3e65f91722d544b284bc3
SHA256

397542e21e11a1520823603525e7fb90cf2f0bcae852f4918426171ca51e8ecc
SHA512

fd100983ce2a55a5b10685c900ba087e61c8cb9a2325f592f0d605a09d081f878bc0334b8de34ca25d2aa5d40b589964f3be070ae31c8dc280007f2d3f0d19e3
SSDEEP

96:1eSxHcQ/cGt/ilQasMPqxyEHWtQTW8Y1QGrXHzxBHj:1eAcu3t/ilFsMcCQTzYeGr3lBHj

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  be3d0f7adf5087be97f3d1bc7e6f8354_JaffaCakes118
- Size
  
  4KB
- MD5
  
  be3d0f7adf5087be97f3d1bc7e6f8354
- SHA1
  
  95be89e38bb8f2a116e3e65f91722d544b284bc3
- SHA256
  
  397542e21e11a1520823603525e7fb90cf2f0bcae852f4918426171ca51e8ecc
- SHA512
  
  fd100983ce2a55a5b10685c900ba087e61c8cb9a2325f592f0d605a09d081f878bc0334b8de34ca25d2aa5d40b589964f3be070ae31c8dc280007f2d3f0d19e3
- SSDEEP
  
  96:1eSxHcQ/cGt/ilQasMPqxyEHWtQTW8Y1QGrXHzxBHj:1eAcu3t/ilFsMcCQTzYeGr3lBHj
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Network Share Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence