ed133664e282b53e3bf37c31d0842005221a8285f0acc219b0647d97f55bdb29 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

360424d8a405630352c1e411ebe5d1dc_JaffaCakes118
Size

706KB
Sample

240710-xt1b5svemp
MD5

360424d8a405630352c1e411ebe5d1dc
SHA1

0538c1fb127f7d75baea77633601f7494d229960
SHA256

ed133664e282b53e3bf37c31d0842005221a8285f0acc219b0647d97f55bdb29
SHA512

f0460ceb0753e29993accbd17c8cd9f9d0dd8610a44d7b11ad171b9e20cfa14475436125142ccf76eee53fffc17f51aa0080bf0c60235d786e0d81b6dc938896
SSDEEP

12288:gp/iN/mlVdtvrYeyZJf7kPK+iqBZn+D73iKHeGspz7b4WdVqXFrwam:gpQ/6trYlvYPK+lqD73TeGspzI2QX93m

Score

7^/10

Malware Config

Targets

- Target
  
  360424d8a405630352c1e411ebe5d1dc_JaffaCakes118
- Size
  
  706KB
- MD5
  
  360424d8a405630352c1e411ebe5d1dc
- SHA1
  
  0538c1fb127f7d75baea77633601f7494d229960
- SHA256
  
  ed133664e282b53e3bf37c31d0842005221a8285f0acc219b0647d97f55bdb29
- SHA512
  
  f0460ceb0753e29993accbd17c8cd9f9d0dd8610a44d7b11ad171b9e20cfa14475436125142ccf76eee53fffc17f51aa0080bf0c60235d786e0d81b6dc938896
- SSDEEP
  
  12288:gp/iN/mlVdtvrYeyZJf7kPK+iqBZn+D73iKHeGspz7b4WdVqXFrwam:gpQ/6trYlvYPK+lqD73TeGspzI2QX93m
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2