edfaa25733c4d0f202c4339e9d4c338292ce5f4f24bd9b76bf1ba33e495e8e54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0482fc6ba4cc4e958263bd5ab32dbe8e_JaffaCakes118
Size

5.8MB
Sample

240620-kwfz3ayfkb
MD5

0482fc6ba4cc4e958263bd5ab32dbe8e
SHA1

17cb09ef62bf36fb057925bb4fbb615ab7c9700b
SHA256

edfaa25733c4d0f202c4339e9d4c338292ce5f4f24bd9b76bf1ba33e495e8e54
SHA512

9b4e83b89b53c4dbedbdb08f09b7b593009a6828d7b4936ab6a57f5d0683251785f1417a31e255f6c3318be9eef64e39633a5987aceffdd6834fab15276087dc
SSDEEP

98304:wnjNkF8Fe8YM9oUGxOEeHijKMTemHfxrNxr60H/FTh+0EMghGrOevzO:0e8Y8HG85GKzm/xX5HP/UqO

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  0482fc6ba4cc4e958263bd5ab32dbe8e_JaffaCakes118
- Size
  
  5.8MB
- MD5
  
  0482fc6ba4cc4e958263bd5ab32dbe8e
- SHA1
  
  17cb09ef62bf36fb057925bb4fbb615ab7c9700b
- SHA256
  
  edfaa25733c4d0f202c4339e9d4c338292ce5f4f24bd9b76bf1ba33e495e8e54
- SHA512
  
  9b4e83b89b53c4dbedbdb08f09b7b593009a6828d7b4936ab6a57f5d0683251785f1417a31e255f6c3318be9eef64e39633a5987aceffdd6834fab15276087dc
- SSDEEP
  
  98304:wnjNkF8Fe8YM9oUGxOEeHijKMTemHfxrNxr60H/FTh+0EMghGrOevzO:0e8Y8HG85GKzm/xX5HP/UqO
Score

7^/10

evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2