6cbccee5ea45643f8c7f595c4cff567764312a823ca958ef8dfb58c0d71495c6 | Triage

Sharing

General

Target

14d15ea4d6bb69aa8817f2cb6ba04986_JaffaCakes118
Size

135KB
Sample

240504-2qe91shc32
MD5

14d15ea4d6bb69aa8817f2cb6ba04986
SHA1

aba3e8a1ae0e765ffc6189c398fd00ace53d49ca
SHA256

6cbccee5ea45643f8c7f595c4cff567764312a823ca958ef8dfb58c0d71495c6
SHA512

cafe59ec9788aa4bb1dfe48174684700d86905645555865f8a7ae6a65ccd35d5151f33a15787017432ae8cac86848a6bc473874f06ed12c5e23a9c2b354e25a9
SSDEEP

3072:FIYz/qlEKKoRc4Jd31Ug38GsOD+Gjz+W36NWApU:FI2s79RcO31l8Gslov6oApU

Score

7^/10

Malware Config

Targets

- Target
  
  14d15ea4d6bb69aa8817f2cb6ba04986_JaffaCakes118
- Size
  
  135KB
- MD5
  
  14d15ea4d6bb69aa8817f2cb6ba04986
- SHA1
  
  aba3e8a1ae0e765ffc6189c398fd00ace53d49ca
- SHA256
  
  6cbccee5ea45643f8c7f595c4cff567764312a823ca958ef8dfb58c0d71495c6
- SHA512
  
  cafe59ec9788aa4bb1dfe48174684700d86905645555865f8a7ae6a65ccd35d5151f33a15787017432ae8cac86848a6bc473874f06ed12c5e23a9c2b354e25a9
- SSDEEP
  
  3072:FIYz/qlEKKoRc4Jd31Ug38GsOD+Gjz+W36NWApU:FI2s79RcO31l8Gslov6oApU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2