c59205f49328d12b9ab83bda148753c762a83df93d6bee97c550f25dba4eff19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1012b06ae63386e33eca4634acfb2e29_JaffaCakes118
Size

19KB
Sample

241003-w4zb6azeqm
MD5

1012b06ae63386e33eca4634acfb2e29
SHA1

6a86ca095a02bdaa779c5588d7de70d97c521a70
SHA256

c59205f49328d12b9ab83bda148753c762a83df93d6bee97c550f25dba4eff19
SHA512

cc54ee37e539080831dbd1a8c055df51967f10637ed5e62e6026032de2fa2d7099270b30a45d3dac1ad1e4fd0dcf01f85458ab1229021828addd21b8d56a1e8f
SSDEEP

384:dRdCy1MqlWM4mQ24lSFkKZNlsbzAlq1UwmzkwA7mXBaPr6:VCyCqlP4mQDe1q1M4O8Pe

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  1012b06ae63386e33eca4634acfb2e29_JaffaCakes118
- Size
  
  19KB
- MD5
  
  1012b06ae63386e33eca4634acfb2e29
- SHA1
  
  6a86ca095a02bdaa779c5588d7de70d97c521a70
- SHA256
  
  c59205f49328d12b9ab83bda148753c762a83df93d6bee97c550f25dba4eff19
- SHA512
  
  cc54ee37e539080831dbd1a8c055df51967f10637ed5e62e6026032de2fa2d7099270b30a45d3dac1ad1e4fd0dcf01f85458ab1229021828addd21b8d56a1e8f
- SSDEEP
  
  384:dRdCy1MqlWM4mQ24lSFkKZNlsbzAlq1UwmzkwA7mXBaPr6:VCyCqlP4mQDe1q1M4O8Pe
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence