812fa50afce9826249fde767b4fb069af897a24d7dd1260734cb0701f18af70f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a585fae8ce037911b384c79d03efbcc_JaffaCakes118
Size

4.5MB
Sample

240601-npgjssbc4z
MD5

8a585fae8ce037911b384c79d03efbcc
SHA1

e293e9940d3879342f523c966b1acad3a20296e7
SHA256

812fa50afce9826249fde767b4fb069af897a24d7dd1260734cb0701f18af70f
SHA512

b4824bfd0e118de4fcaafe387bcd9afd0a5937d10eedbaae6cfb87bcb2c1fd4b07bd51e40e397da8d72ca0654e8273079d32e7d4a89d7a4fee2b591389fc4a5e
SSDEEP

98304:c7RAUTOZw7WS/CYc87Q8Y14o9tOGsazRid1fOla9ZZg:clXOSCgpYSv6sd1fYeLg

Score

7^/10

Malware Config

Targets

- Target
  
  8a585fae8ce037911b384c79d03efbcc_JaffaCakes118
- Size
  
  4.5MB
- MD5
  
  8a585fae8ce037911b384c79d03efbcc
- SHA1
  
  e293e9940d3879342f523c966b1acad3a20296e7
- SHA256
  
  812fa50afce9826249fde767b4fb069af897a24d7dd1260734cb0701f18af70f
- SHA512
  
  b4824bfd0e118de4fcaafe387bcd9afd0a5937d10eedbaae6cfb87bcb2c1fd4b07bd51e40e397da8d72ca0654e8273079d32e7d4a89d7a4fee2b591389fc4a5e
- SSDEEP
  
  98304:c7RAUTOZw7WS/CYc87Q8Y14o9tOGsazRid1fOla9ZZg:clXOSCgpYSv6sd1fYeLg
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2