df2e36d70bf4191f38e1f57e26d64b200478f987e9f9909d11a67e66727cea5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cb14d722a8d2af06c8b77729ea1ac7a_JaffaCakes118
Size

29KB
Sample

240716-ec3f3awfqh
MD5

4cb14d722a8d2af06c8b77729ea1ac7a
SHA1

081677b944bacd7eedbe0acb7b6eb78a74f4f20d
SHA256

df2e36d70bf4191f38e1f57e26d64b200478f987e9f9909d11a67e66727cea5f
SHA512

2c7ab61111927ed5648dfcd0da0c18b51329b185e0ff646e5d7873d5f024b8016162b9a787710c37c1a5660709d18593abbb46430a075e3b91d49686fbe4e1f0
SSDEEP

384:Bq2wvloh4RQH2qr+TaJ7yUWaHPyGSehK9HDnCC0IJB21Wr:MFlohYq2LTalyBa5FK929u

Score

7^/10

Malware Config

Targets

- Target
  
  4cb14d722a8d2af06c8b77729ea1ac7a_JaffaCakes118
- Size
  
  29KB
- MD5
  
  4cb14d722a8d2af06c8b77729ea1ac7a
- SHA1
  
  081677b944bacd7eedbe0acb7b6eb78a74f4f20d
- SHA256
  
  df2e36d70bf4191f38e1f57e26d64b200478f987e9f9909d11a67e66727cea5f
- SHA512
  
  2c7ab61111927ed5648dfcd0da0c18b51329b185e0ff646e5d7873d5f024b8016162b9a787710c37c1a5660709d18593abbb46430a075e3b91d49686fbe4e1f0
- SSDEEP
  
  384:Bq2wvloh4RQH2qr+TaJ7yUWaHPyGSehK9HDnCC0IJB21Wr:MFlohYq2LTalyBa5FK929u
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2