26cce8a5cf9fc0b93dcd12d1a2c96d3fdbe21f6d49c5e1ecf53a0fe93d919af9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e121aa01b1f4f3877b45a15c173b03d1_JaffaCakes118
Size

40KB
Sample

240914-11dy9szbkd
MD5

e121aa01b1f4f3877b45a15c173b03d1
SHA1

8729806fa618101e3a555ec5b9aaa9883caabd79
SHA256

26cce8a5cf9fc0b93dcd12d1a2c96d3fdbe21f6d49c5e1ecf53a0fe93d919af9
SHA512

65803d84fdfaadfe5dd268c3f98df299da23d71d80f45dcd4d85b69930f0b1e43d92fe37c6df75f8e96665268b7f40c06132094d9bc5daed718e18972244ad67
SSDEEP

768:+096jBFR1xD7TodMN1pOYQx1xUVUNOlAZHJEvhWzvvNHbuli:N9C1xD11kY/UNZHSvhWzvFS0

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  e121aa01b1f4f3877b45a15c173b03d1_JaffaCakes118
- Size
  
  40KB
- MD5
  
  e121aa01b1f4f3877b45a15c173b03d1
- SHA1
  
  8729806fa618101e3a555ec5b9aaa9883caabd79
- SHA256
  
  26cce8a5cf9fc0b93dcd12d1a2c96d3fdbe21f6d49c5e1ecf53a0fe93d919af9
- SHA512
  
  65803d84fdfaadfe5dd268c3f98df299da23d71d80f45dcd4d85b69930f0b1e43d92fe37c6df75f8e96665268b7f40c06132094d9bc5daed718e18972244ad67
- SSDEEP
  
  768:+096jBFR1xD7TodMN1pOYQx1xUVUNOlAZHJEvhWzvvNHbuli:N9C1xD11kY/UNZHSvhWzvFS0
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence