2cb534ea090f79128c0c77386d2cc00176fa315ac6f7ce4e0ea4ab3ce08116d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b2079b9d101e9b5ea9011bdb01932a4_JaffaCakes118
Size

120KB
Sample

240715-yfxvjawdnn
MD5

4b2079b9d101e9b5ea9011bdb01932a4
SHA1

9468319e22bf49df92102cbe59e85d05a6d79566
SHA256

2cb534ea090f79128c0c77386d2cc00176fa315ac6f7ce4e0ea4ab3ce08116d0
SHA512

0f715c8a634f47f9d8e4659a0be9f7997b4f059d7c0db612770892bd336c60a4002a21d66b567464378f4f272b88d8ecf99e36ee4fdc55fa3c28dc95de7a8e07
SSDEEP

1536:gwpMKOwLrHSlseGJ3ZQDIC0wSWHoNpLqdO/A+gC5e9KuFdBWqxW9SXfTckQQm:NhOw3EgJ2DLFqqVfKSKidJxW9SXfeQm

Score

7^/10

Malware Config

Targets

- Target
  
  4b2079b9d101e9b5ea9011bdb01932a4_JaffaCakes118
- Size
  
  120KB
- MD5
  
  4b2079b9d101e9b5ea9011bdb01932a4
- SHA1
  
  9468319e22bf49df92102cbe59e85d05a6d79566
- SHA256
  
  2cb534ea090f79128c0c77386d2cc00176fa315ac6f7ce4e0ea4ab3ce08116d0
- SHA512
  
  0f715c8a634f47f9d8e4659a0be9f7997b4f059d7c0db612770892bd336c60a4002a21d66b567464378f4f272b88d8ecf99e36ee4fdc55fa3c28dc95de7a8e07
- SSDEEP
  
  1536:gwpMKOwLrHSlseGJ3ZQDIC0wSWHoNpLqdO/A+gC5e9KuFdBWqxW9SXfTckQQm:NhOw3EgJ2DLFqqVfKSKidJxW9SXfeQm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2