984c3b590a693b2726adbfee83f7d2d3e525b9cef8d00df5dbfe173fa29f98fb | Triage

Sharing

General

Target

464003753649986b1ceb3e70fde5437a_JaffaCakes118
Size

2.5MB
Sample

240714-r1tkaaxamb
MD5

464003753649986b1ceb3e70fde5437a
SHA1

2ce5025200bfb6dbc352e80077f087f0d17c1eb2
SHA256

984c3b590a693b2726adbfee83f7d2d3e525b9cef8d00df5dbfe173fa29f98fb
SHA512

bcaf5f9ecd8d6accb739be55bb9d8a5d1773e70cb261e0edc9a53c707ec4e0be33c474c729a8f33bbe278e6a3b79fce2ebc06b9d15eeb07f75da4349745fa46d
SSDEEP

49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1r0:o7AEvgVOy29Ls3JslVYzjMO26il

Score

7^/10

Malware Config

Targets

- Target
  
  464003753649986b1ceb3e70fde5437a_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  464003753649986b1ceb3e70fde5437a
- SHA1
  
  2ce5025200bfb6dbc352e80077f087f0d17c1eb2
- SHA256
  
  984c3b590a693b2726adbfee83f7d2d3e525b9cef8d00df5dbfe173fa29f98fb
- SHA512
  
  bcaf5f9ecd8d6accb739be55bb9d8a5d1773e70cb261e0edc9a53c707ec4e0be33c474c729a8f33bbe278e6a3b79fce2ebc06b9d15eeb07f75da4349745fa46d
- SSDEEP
  
  49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1r0:o7AEvgVOy29Ls3JslVYzjMO26il
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2