ecb287f510e74e70d744a498689177773b5cf79c6e52a2971b403bbc70befe9b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fad068565b2d2aad1a52e4c817052a6_JaffaCakes118
Size

159KB
Sample

240524-yqsnkahe82
MD5

6fad068565b2d2aad1a52e4c817052a6
SHA1

ee0eb1a93a306dfc65e12264d3e45cd5f6df9194
SHA256

ecb287f510e74e70d744a498689177773b5cf79c6e52a2971b403bbc70befe9b
SHA512

9f260a7f6a77192dc81efc21591bdad61c57854d7f5bbc0cdb2037eabedf45fad642554e16724026eb9b3df7b1eb6794ab2b069762b5f6b9b8bad8c05651e4f2
SSDEEP

3072:thBMINbZ8bHsz1uDPN82b4qiHLRnFRslWhr:thBMVMo/ZiHlFR9p

Score

7^/10

Malware Config

Targets

- Target
  
  6fad068565b2d2aad1a52e4c817052a6_JaffaCakes118
- Size
  
  159KB
- MD5
  
  6fad068565b2d2aad1a52e4c817052a6
- SHA1
  
  ee0eb1a93a306dfc65e12264d3e45cd5f6df9194
- SHA256
  
  ecb287f510e74e70d744a498689177773b5cf79c6e52a2971b403bbc70befe9b
- SHA512
  
  9f260a7f6a77192dc81efc21591bdad61c57854d7f5bbc0cdb2037eabedf45fad642554e16724026eb9b3df7b1eb6794ab2b069762b5f6b9b8bad8c05651e4f2
- SSDEEP
  
  3072:thBMINbZ8bHsz1uDPN82b4qiHLRnFRslWhr:thBMVMo/ZiHlFR9p
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2