7ccea256efc12bb1bdf6bfc282840b8722a4f621ee9649a43f93bcbf6a937746 | Triage

Sharing

General

Target

149c09929cb0db3cc3a58f1501a3c9e7_JaffaCakes118
Size

422KB
Sample

240627-el5yjsthkl
MD5

149c09929cb0db3cc3a58f1501a3c9e7
SHA1

54529f323a5127c675e56fd9f1a22b3d0254eaed
SHA256

7ccea256efc12bb1bdf6bfc282840b8722a4f621ee9649a43f93bcbf6a937746
SHA512

36eb5950e45e48d471bbb45335099451fdef3cd40934dbe79a935ad71230a210389935886bc99380d4d575985e7eedf5d5194fb413fa27e788fb27f148495738
SSDEEP

12288:n5lVkUbZIRQm2N43IEvK+S2f7W8fNUr6:n3VkUWR52Yv22f7WSNUr

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  149c09929cb0db3cc3a58f1501a3c9e7_JaffaCakes118
- Size
  
  422KB
- MD5
  
  149c09929cb0db3cc3a58f1501a3c9e7
- SHA1
  
  54529f323a5127c675e56fd9f1a22b3d0254eaed
- SHA256
  
  7ccea256efc12bb1bdf6bfc282840b8722a4f621ee9649a43f93bcbf6a937746
- SHA512
  
  36eb5950e45e48d471bbb45335099451fdef3cd40934dbe79a935ad71230a210389935886bc99380d4d575985e7eedf5d5194fb413fa27e788fb27f148495738
- SSDEEP
  
  12288:n5lVkUbZIRQm2N43IEvK+S2f7W8fNUr6:n3VkUWR52Yv22f7WSNUr
Score

8^/10

evasion
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2