3edd81056650abd40791b4cee4f0e0f98d5070b6b105f3ca227d8e14bb08b872 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97842576fb0f5ecf86e9dfc9808e61d6_JaffaCakes118
Size

749KB
Sample

240605-jkxb8shh9z
MD5

97842576fb0f5ecf86e9dfc9808e61d6
SHA1

6457e35b9ee041c29a9d103fd0cb94b855725d27
SHA256

3edd81056650abd40791b4cee4f0e0f98d5070b6b105f3ca227d8e14bb08b872
SHA512

4c9ef8dbb5ad868876f0444ace625eb3c725e15e747c565ee4af2d55bbb041c29a9163c9e345675554d49fe76cd21c00ff0f463498e0a4c83607dc4aa2ec90fd
SSDEEP

12288:7xmIJQvPkitEqZR3prMIEgzra+9tG/c/OMlUnXHY5BcPsVHxtdI3x9Eca5wpJ:tmoO8itEqfZAMfG/yJliX4/KCHxtOh9b

Score

7^/10

Malware Config

Targets

- Target
  
  97842576fb0f5ecf86e9dfc9808e61d6_JaffaCakes118
- Size
  
  749KB
- MD5
  
  97842576fb0f5ecf86e9dfc9808e61d6
- SHA1
  
  6457e35b9ee041c29a9d103fd0cb94b855725d27
- SHA256
  
  3edd81056650abd40791b4cee4f0e0f98d5070b6b105f3ca227d8e14bb08b872
- SHA512
  
  4c9ef8dbb5ad868876f0444ace625eb3c725e15e747c565ee4af2d55bbb041c29a9163c9e345675554d49fe76cd21c00ff0f463498e0a4c83607dc4aa2ec90fd
- SSDEEP
  
  12288:7xmIJQvPkitEqZR3prMIEgzra+9tG/c/OMlUnXHY5BcPsVHxtdI3x9Eca5wpJ:tmoO8itEqfZAMfG/yJliX4/KCHxtOh9b
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2