18c68757b5dfca97f62bacb19d36c520fef884674ec009f12174ce2e17bc8583 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7713201b1e67797236328aee2415bce6_JaffaCakes118
Size

466KB
Sample

240526-2vh7gafb2x
MD5

7713201b1e67797236328aee2415bce6
SHA1

87bcf62dbd39f2c1778f0cb4073cfd088186f14e
SHA256

18c68757b5dfca97f62bacb19d36c520fef884674ec009f12174ce2e17bc8583
SHA512

aa568081d3a00cc44505aa40104829ef607fd5370459af38f9664e8b4d67faa611e293310ea58819f859bdf528f67d4a2ddb0f93aec47b56d738c50813a4e34d
SSDEEP

12288:acRT+ftn01qyYNmHwAFqI/QEBeRq8NYilfPwVAlr:aco1n0Jr5F5/QEBOqjiltr

Score

7^/10

Malware Config

Targets

- Target
  
  qqfcksjqfz/久久FC.exe
- Size
  
  1.5MB
- MD5
  
  35b2493e58bc1795d07f58a3809e6882
- SHA1
  
  d13c05b2b61f9d6ebdc1585a6f9c331f581c9a0b
- SHA256
  
  54146055afc73bf9dc08a859c5781d7f635d7147d77c34bdc13c1294c11c8331
- SHA512
  
  0fd12b33adcf3fd046b16edfafc4a189d9a532773c4a3eba766c8dcbb0753b75cac6985991b308706bbf65244777a29c97d3ed75637d6107b09e6b342c90cc72
- SSDEEP
  
  24576:xuBC20ODvyYXdJoT0BbcX1sMLMPCMGAyBkQ4AYtHNMLbTvG:xl20dDoB4FNoPCMkBbSNMLnO
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2
- Target
  
  qqfcksjqfz/游戏大全.url
- Size
  
  168B
- MD5
  
  cb931a15c33bb5ebb73053d683c22724
- SHA1
  
  daac82561284078718cf61da8b2ad6fbe634062b
- SHA256
  
  2be129cd694103ee1a8866635cff99220e6ea33b12d38139215c1b310379bcbd
- SHA512
  
  9f668997e8d1c506854268ce0dd45649b5fad2a7a2817c88e7c9d0c17dea08278b2fec5ef0b3dcd75846a59caa96afccb8c4c3f3e6014690d20f3649638f8ab2
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4