7bcb0ba1dfc655e0bf1a87c2985fe47ec1c4be42cf42ddc421e7a1154452f747 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63d9f6eb49d552464571a09b8a77e7d7_JaffaCakes118
Size

233KB
Sample

240521-s9943aah66
MD5

63d9f6eb49d552464571a09b8a77e7d7
SHA1

907fce8d36269593c5ad5dd4e05e5db3d0ad295a
SHA256

7bcb0ba1dfc655e0bf1a87c2985fe47ec1c4be42cf42ddc421e7a1154452f747
SHA512

335c65c5dc54f0361aa7aea9d15e0216111ac4ec8fe8ea265f6606dbd1bb2d574f553c4e7901a742cc0cd480333e3a32c1a9110a59385b5175ff492a31e74419
SSDEEP

6144:4xyMeM8tKmy/q7RglyFlqsGnK48uGSiU4pw:4xyMehti/8R7lJEGSiU4S

Score

7^/10

Malware Config

Targets

- Target
  
  63d9f6eb49d552464571a09b8a77e7d7_JaffaCakes118
- Size
  
  233KB
- MD5
  
  63d9f6eb49d552464571a09b8a77e7d7
- SHA1
  
  907fce8d36269593c5ad5dd4e05e5db3d0ad295a
- SHA256
  
  7bcb0ba1dfc655e0bf1a87c2985fe47ec1c4be42cf42ddc421e7a1154452f747
- SHA512
  
  335c65c5dc54f0361aa7aea9d15e0216111ac4ec8fe8ea265f6606dbd1bb2d574f553c4e7901a742cc0cd480333e3a32c1a9110a59385b5175ff492a31e74419
- SSDEEP
  
  6144:4xyMeM8tKmy/q7RglyFlqsGnK48uGSiU4pw:4xyMehti/8R7lJEGSiU4S
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2