354137b566cc1af6c3bd58c66ab236446f32280aaa05c888b8d912c2bb806e28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ebc6ae930b9d9f0bfa0a054cbbfa820_JaffaCakes118
Size

735KB
Sample

240625-tvlnlatapk
MD5

0ebc6ae930b9d9f0bfa0a054cbbfa820
SHA1

a542602dbd03a66896c0233403c62cb31a24b7dc
SHA256

354137b566cc1af6c3bd58c66ab236446f32280aaa05c888b8d912c2bb806e28
SHA512

82bd5a054598418488974b2f64a7fa6f6fa885db625e0614d1aed29808e325ffbff01a63c2fc81fb7528528a7cf6a429bc5b152f76756ee23c3e859aa8eafe68
SSDEEP

12288:Yh3bMyI44YBHnXM55j+ALO2IunjZKpCu1liS+5zaF/MVgjoTuKo:4rl4YBHXOjX0CqlEaJMIhKo

Score

7^/10

Malware Config

Targets

- Target
  
  0ebc6ae930b9d9f0bfa0a054cbbfa820_JaffaCakes118
- Size
  
  735KB
- MD5
  
  0ebc6ae930b9d9f0bfa0a054cbbfa820
- SHA1
  
  a542602dbd03a66896c0233403c62cb31a24b7dc
- SHA256
  
  354137b566cc1af6c3bd58c66ab236446f32280aaa05c888b8d912c2bb806e28
- SHA512
  
  82bd5a054598418488974b2f64a7fa6f6fa885db625e0614d1aed29808e325ffbff01a63c2fc81fb7528528a7cf6a429bc5b152f76756ee23c3e859aa8eafe68
- SSDEEP
  
  12288:Yh3bMyI44YBHnXM55j+ALO2IunjZKpCu1liS+5zaF/MVgjoTuKo:4rl4YBHXOjX0CqlEaJMIhKo
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2