50cd9debd536333f0ce6eb6d5be80b5fc83bcdc1b79901ff284a7cfb6b4b7464 | Triage

Sharing

General

Target

1573fad434450fb49bf48d457f094845_JaffaCakes118
Size

1.6MB
Sample

240627-k71tlstdnh
MD5

1573fad434450fb49bf48d457f094845
SHA1

bba0c525802248935aa369d889c7d58badb009cd
SHA256

50cd9debd536333f0ce6eb6d5be80b5fc83bcdc1b79901ff284a7cfb6b4b7464
SHA512

351aa3efe871766a84fb697f2ccdce5663914c65bbf2342cb0f2c8ebcd2d3e178cd851aaaaf2f7e74962e081164f7fb2ab87de7009c0658f06a23e731cf26c95
SSDEEP

24576:RMjhbaRhUW/H1R9OyNc7WaDAqADz/dOFlWJjJG+1BnS+lhdqJ0mh9ON+Q2I9FjC0:oERh/n9htKAvDdLJ9G+zS+LA79VBI1rP

Score

7^/10

Malware Config

Targets

- Target
  
  1573fad434450fb49bf48d457f094845_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  1573fad434450fb49bf48d457f094845
- SHA1
  
  bba0c525802248935aa369d889c7d58badb009cd
- SHA256
  
  50cd9debd536333f0ce6eb6d5be80b5fc83bcdc1b79901ff284a7cfb6b4b7464
- SHA512
  
  351aa3efe871766a84fb697f2ccdce5663914c65bbf2342cb0f2c8ebcd2d3e178cd851aaaaf2f7e74962e081164f7fb2ab87de7009c0658f06a23e731cf26c95
- SSDEEP
  
  24576:RMjhbaRhUW/H1R9OyNc7WaDAqADz/dOFlWJjJG+1BnS+lhdqJ0mh9ON+Q2I9FjC0:oERh/n9htKAvDdLJ9G+zS+LA79VBI1rP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2