d52fdd39989af17e464d3e854fb19a289206790efc06a0735afdc45455b48727 | Triage

Sharing

General

Target

0b0169d3702e9554d7cab8ee658bc624_JaffaCakes118
Size

192KB
Sample

241002-q9l15atcmh
MD5

0b0169d3702e9554d7cab8ee658bc624
SHA1

448f5306ae017532b860ac848f85a6be2adb6e38
SHA256

d52fdd39989af17e464d3e854fb19a289206790efc06a0735afdc45455b48727
SHA512

5e0a1a1b6895bea87ed563eb71c6157a343359ff78cf9890249cf45ae4e178006ac864f2f1198551bd357a102bf4302e98add6b40f4af16f6742732f299e2767
SSDEEP

3072:H/na6WDmrZ5Cn79xvlr2xmOJ5wUuWXcfb0hw7IACb873684yVcx566/znTV/IEeC:H/nuDm9knmhJ4/sMLuO6/zLeEf

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  0b0169d3702e9554d7cab8ee658bc624_JaffaCakes118
- Size
  
  192KB
- MD5
  
  0b0169d3702e9554d7cab8ee658bc624
- SHA1
  
  448f5306ae017532b860ac848f85a6be2adb6e38
- SHA256
  
  d52fdd39989af17e464d3e854fb19a289206790efc06a0735afdc45455b48727
- SHA512
  
  5e0a1a1b6895bea87ed563eb71c6157a343359ff78cf9890249cf45ae4e178006ac864f2f1198551bd357a102bf4302e98add6b40f4af16f6742732f299e2767
- SSDEEP
  
  3072:H/na6WDmrZ5Cn79xvlr2xmOJ5wUuWXcfb0hw7IACb873684yVcx566/znTV/IEeC:H/nuDm9knmhJ4/sMLuO6/zLeEf
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence