b761797c037d395dafcb44c15213674f05f9fa1e8a5a521d68a9aa45caaf526b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42e50cc50810ad2dc1cc67dc08d014a8_JaffaCakes118
Size

233KB
Sample

240514-y2tp1afa69
MD5

42e50cc50810ad2dc1cc67dc08d014a8
SHA1

7ff74e6236d78a24391703a797b5474639809f44
SHA256

b761797c037d395dafcb44c15213674f05f9fa1e8a5a521d68a9aa45caaf526b
SHA512

b985d35e50846dafec9c40fc8915f1c1ab7247ad01555713cac6204d9b0e4909eed03790ca7f9ae8774ddb3fb469a3773bc396a77908ecc63bd613cef1a8a5b3
SSDEEP

6144:4xyMeM8tKmy/q7RglyFlqsGnK48uGSiU4px:4xyMehti/8R7lJEGSiU43

Score

7^/10

Malware Config

Targets

- Target
  
  42e50cc50810ad2dc1cc67dc08d014a8_JaffaCakes118
- Size
  
  233KB
- MD5
  
  42e50cc50810ad2dc1cc67dc08d014a8
- SHA1
  
  7ff74e6236d78a24391703a797b5474639809f44
- SHA256
  
  b761797c037d395dafcb44c15213674f05f9fa1e8a5a521d68a9aa45caaf526b
- SHA512
  
  b985d35e50846dafec9c40fc8915f1c1ab7247ad01555713cac6204d9b0e4909eed03790ca7f9ae8774ddb3fb469a3773bc396a77908ecc63bd613cef1a8a5b3
- SSDEEP
  
  6144:4xyMeM8tKmy/q7RglyFlqsGnK48uGSiU4px:4xyMehti/8R7lJEGSiU43
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2