a7a10df7e0054ca5a113abd82dd0592f2e06ffba909561e2a46b0017878ac5d2 | Triage

Sharing

General

Target

56589dc46bd6f390fb664a84e3cfb7e2_JaffaCakes118
Size

276KB
Sample

241018-j21qzswdld
MD5

56589dc46bd6f390fb664a84e3cfb7e2
SHA1

8a56bb976c02c97aa375e42901d168605adc1df5
SHA256

a7a10df7e0054ca5a113abd82dd0592f2e06ffba909561e2a46b0017878ac5d2
SHA512

196d7d26a3e81c1e4e6041666762b301ab2cbebf28008e6926dacce5d29e3d4f99605cddefa80825419506c8407eafd5d8fe3cc44f584e9da4ae92413b6f0f8b
SSDEEP

6144:k8t7DnZAolUf7B5L610evEE7UD1ozMUN2vCgCl3:k0qoGSxvaozMHCgCl3

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  56589dc46bd6f390fb664a84e3cfb7e2_JaffaCakes118
- Size
  
  276KB
- MD5
  
  56589dc46bd6f390fb664a84e3cfb7e2
- SHA1
  
  8a56bb976c02c97aa375e42901d168605adc1df5
- SHA256
  
  a7a10df7e0054ca5a113abd82dd0592f2e06ffba909561e2a46b0017878ac5d2
- SHA512
  
  196d7d26a3e81c1e4e6041666762b301ab2cbebf28008e6926dacce5d29e3d4f99605cddefa80825419506c8407eafd5d8fe3cc44f584e9da4ae92413b6f0f8b
- SSDEEP
  
  6144:k8t7DnZAolUf7B5L610evEE7UD1ozMUN2vCgCl3:k0qoGSxvaozMHCgCl3
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence