49d2629b49e58c6f508177a4f18c3842ec713c5ee7151baf2747e6a9713132f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36d87f8c41fea332995433d38bcb10f2_JaffaCakes118
Size

1.4MB
Sample

240710-3j6ztsydla
MD5

36d87f8c41fea332995433d38bcb10f2
SHA1

9358ca230276bc8f83f35f0768d3bc4e0cbd3ab0
SHA256

49d2629b49e58c6f508177a4f18c3842ec713c5ee7151baf2747e6a9713132f7
SHA512

5ac1823ee5d16ee7e49d8f1d0a9fb3404693950c2bc5487c81fb4865de7829ed436aace3af35ac38d371b82b8b038a63580864d8bdb687e5f4bdb673a67cf1f2
SSDEEP

24576:oJv6agUpS8x7mmUkI5gzMl2qKQ3UbH8zJvdZKaTv8vWuce2Jffk/bl:oJv/gj8x7mmUkfzQ2qKO6WxdZKa7f82U

Score

7^/10

Malware Config

Targets

- Target
  
  36d87f8c41fea332995433d38bcb10f2_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  36d87f8c41fea332995433d38bcb10f2
- SHA1
  
  9358ca230276bc8f83f35f0768d3bc4e0cbd3ab0
- SHA256
  
  49d2629b49e58c6f508177a4f18c3842ec713c5ee7151baf2747e6a9713132f7
- SHA512
  
  5ac1823ee5d16ee7e49d8f1d0a9fb3404693950c2bc5487c81fb4865de7829ed436aace3af35ac38d371b82b8b038a63580864d8bdb687e5f4bdb673a67cf1f2
- SSDEEP
  
  24576:oJv6agUpS8x7mmUkI5gzMl2qKQ3UbH8zJvdZKaTv8vWuce2Jffk/bl:oJv/gj8x7mmUkfzQ2qKO6WxdZKa7f82U
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2