46234949af62291242805d2f33a6af522efce251cfc053465be677d29a2a19fd | Triage

Sharing

General

Target

495ed03e17c27fa4c20deb6bd435dc2c_JaffaCakes118
Size

1.8MB
Sample

240715-md33zsthrb
MD5

495ed03e17c27fa4c20deb6bd435dc2c
SHA1

4ff6f239ed7adf13368e0ba8df0d44230837085a
SHA256

46234949af62291242805d2f33a6af522efce251cfc053465be677d29a2a19fd
SHA512

ccfc6a43c9a22f022ea95399cda607c26dccd4b5d031c18891a897fd94c502dd280c8083061a23a6474477a1085c995d8e6f978d25741016db5b06e39bd991cc
SSDEEP

24576:f1kXXvxyJp759Potg4rfYF1NLpw5aopS/IVyCRE/a8Gg9bnRvOmpC9L58jXWeSvH:f1I56947yLGgZR7M2GeSuc78LA

Score

7^/10

Malware Config

Targets

- Target
  
  495ed03e17c27fa4c20deb6bd435dc2c_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  495ed03e17c27fa4c20deb6bd435dc2c
- SHA1
  
  4ff6f239ed7adf13368e0ba8df0d44230837085a
- SHA256
  
  46234949af62291242805d2f33a6af522efce251cfc053465be677d29a2a19fd
- SHA512
  
  ccfc6a43c9a22f022ea95399cda607c26dccd4b5d031c18891a897fd94c502dd280c8083061a23a6474477a1085c995d8e6f978d25741016db5b06e39bd991cc
- SSDEEP
  
  24576:f1kXXvxyJp759Potg4rfYF1NLpw5aopS/IVyCRE/a8Gg9bnRvOmpC9L58jXWeSvH:f1I56947yLGgZR7M2GeSuc78LA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2