66c46f7a510f440c588f9d63bfc1cb50643a402ad89ca0508c2e2daa5a464ec9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f23a023e0450811404ec6dd3b7ead79_JaffaCakes118
Size

16KB
Sample

240625-xd1mzaweqe
MD5

0f23a023e0450811404ec6dd3b7ead79
SHA1

ce0619f4480dffd1a029f28d97611aa8f1291f8c
SHA256

66c46f7a510f440c588f9d63bfc1cb50643a402ad89ca0508c2e2daa5a464ec9
SHA512

54b158f0569995e78dc70eb6f24e1bbc0b60c0669e6336156f5d4c4a60e544d70bcf7f3af97399f4351fb4659a392601d569dc305db4cf69dcb3dc040326a49b
SSDEEP

384:NqcLDWqiAy8GBf2AwX5SWcKOBqDXO+TY+a/GIRL195L:QytiADEuJTjO9+Y+q319J

Score

7^/10

Malware Config

Targets

- Target
  
  0f23a023e0450811404ec6dd3b7ead79_JaffaCakes118
- Size
  
  16KB
- MD5
  
  0f23a023e0450811404ec6dd3b7ead79
- SHA1
  
  ce0619f4480dffd1a029f28d97611aa8f1291f8c
- SHA256
  
  66c46f7a510f440c588f9d63bfc1cb50643a402ad89ca0508c2e2daa5a464ec9
- SHA512
  
  54b158f0569995e78dc70eb6f24e1bbc0b60c0669e6336156f5d4c4a60e544d70bcf7f3af97399f4351fb4659a392601d569dc305db4cf69dcb3dc040326a49b
- SSDEEP
  
  384:NqcLDWqiAy8GBf2AwX5SWcKOBqDXO+TY+a/GIRL195L:QytiADEuJTjO9+Y+q319J
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2