9a08147f0747f8dd188ba63750939b5e8ca2951d0450c87f48c841362ce9bd19 | Triage

Sharing

General

Target

17359ee2a3e133f9fb0b2e65e74c3bdc_JaffaCakes118
Size

628KB
Sample

241005-lyeepatamh
MD5

17359ee2a3e133f9fb0b2e65e74c3bdc
SHA1

40e63d3c4f4a6704985aadf1c9dc478ec7fc2812
SHA256

9a08147f0747f8dd188ba63750939b5e8ca2951d0450c87f48c841362ce9bd19
SHA512

028baae2140e6853707f89b05b177bf8266333a4a322e88e992663cd14ba1f2a90e406f53fc4807e75a22ada91d2cb6c23a176f05dd4c4cf1417cf87801e770b
SSDEEP

12288:X5LvNWhOZY6rMLYAJWaDkF6gReTiIfr5PmwQ4WpM8DV:X5Lc+YLYAabMGqPmwtWpp

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  17359ee2a3e133f9fb0b2e65e74c3bdc_JaffaCakes118
- Size
  
  628KB
- MD5
  
  17359ee2a3e133f9fb0b2e65e74c3bdc
- SHA1
  
  40e63d3c4f4a6704985aadf1c9dc478ec7fc2812
- SHA256
  
  9a08147f0747f8dd188ba63750939b5e8ca2951d0450c87f48c841362ce9bd19
- SHA512
  
  028baae2140e6853707f89b05b177bf8266333a4a322e88e992663cd14ba1f2a90e406f53fc4807e75a22ada91d2cb6c23a176f05dd4c4cf1417cf87801e770b
- SSDEEP
  
  12288:X5LvNWhOZY6rMLYAJWaDkF6gReTiIfr5PmwQ4WpM8DV:X5Lc+YLYAabMGqPmwtWpp
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence