d6ee879555b422e175e0a6149b3ac542c5784f278da298e9de08ed3f8b85794e | Triage

Sharing

General

Target

1c190d68622881257df63c3994fd6ac9_JaffaCakes118
Size

166KB
Sample

240701-xdg6maxclp
MD5

1c190d68622881257df63c3994fd6ac9
SHA1

d2e010e703055e259d8c0fc69073bdd7a40e56ea
SHA256

d6ee879555b422e175e0a6149b3ac542c5784f278da298e9de08ed3f8b85794e
SHA512

c6172693231b440d6782eb12a9ab85951d18c52f7003e9b33e1877af45bde278eafdd275898c898be3616e3a0cbea4f89eebc97f6deb28bdfd1f0978d9cae104
SSDEEP

3072:vzXbecErQwV58yfLBH+Js448R76j5aZIffFynk9LrsGXcoWk7PunmJOL3Oo:vzycErQw4yfLBeJGFaZIFak9LrXXcG7G

Score

7^/10

Malware Config

Targets

- Target
  
  1c190d68622881257df63c3994fd6ac9_JaffaCakes118
- Size
  
  166KB
- MD5
  
  1c190d68622881257df63c3994fd6ac9
- SHA1
  
  d2e010e703055e259d8c0fc69073bdd7a40e56ea
- SHA256
  
  d6ee879555b422e175e0a6149b3ac542c5784f278da298e9de08ed3f8b85794e
- SHA512
  
  c6172693231b440d6782eb12a9ab85951d18c52f7003e9b33e1877af45bde278eafdd275898c898be3616e3a0cbea4f89eebc97f6deb28bdfd1f0978d9cae104
- SSDEEP
  
  3072:vzXbecErQwV58yfLBH+Js448R76j5aZIffFynk9LrsGXcoWk7PunmJOL3Oo:vzycErQw4yfLBeJGFaZIFak9LrXXcG7G
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2