36a442964497b9aa03417d620f40a59ddf6a25bbcb29e7545ce9cbf65618f893 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d8717b3c868646481cdb4f8ad810a4e_JaffaCakes118
Size

7.4MB
Sample

240502-falk7sbb66
MD5

0d8717b3c868646481cdb4f8ad810a4e
SHA1

d05b2a7c7b79e8787a3db1ca884a504814ebbb40
SHA256

36a442964497b9aa03417d620f40a59ddf6a25bbcb29e7545ce9cbf65618f893
SHA512

a43e895d286ffef1193b4cdce77b2589935aca88269c42e9110da4d01663eec74ac950f4e078ab4537823f5370ca9b561c62b0ae2d74913a1857de5b3899d907
SSDEEP

196608:brBF8FQQSHrFE4aVnfwYmCVZKLCogawU4SRAEcEgofqQ67cJy:fBS9I5ETnBj/KWog7U4MgvQK

Score

6^/10

Malware Config

Targets

- Target
  
  0d8717b3c868646481cdb4f8ad810a4e_JaffaCakes118
- Size
  
  7.4MB
- MD5
  
  0d8717b3c868646481cdb4f8ad810a4e
- SHA1
  
  d05b2a7c7b79e8787a3db1ca884a504814ebbb40
- SHA256
  
  36a442964497b9aa03417d620f40a59ddf6a25bbcb29e7545ce9cbf65618f893
- SHA512
  
  a43e895d286ffef1193b4cdce77b2589935aca88269c42e9110da4d01663eec74ac950f4e078ab4537823f5370ca9b561c62b0ae2d74913a1857de5b3899d907
- SSDEEP
  
  196608:brBF8FQQSHrFE4aVnfwYmCVZKLCogawU4SRAEcEgofqQ67cJy:fBS9I5ETnBj/KWog7U4MgvQK
Score

6^/10
- Checks for any installed AV software in registry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2