16a9459a71e9f5b694fb4323e43affc3c6dba050ea7d389684c36d0faf5878cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61d9e988eade69c6acde5a053d291044_JaffaCakes118
Size

797KB
Sample

240721-3efxvasepk
MD5

61d9e988eade69c6acde5a053d291044
SHA1

ad49a1a376d557c53b75a34b87264deddcdddd8e
SHA256

16a9459a71e9f5b694fb4323e43affc3c6dba050ea7d389684c36d0faf5878cd
SHA512

034338f98bc89b4d159498712c5698a2b8f0fcb9c494cd39c50efced6ffa8a085655a79f44ef78ed8bbc51b97615ff6b6ce2bec833829c9124a102fcf06ecc07
SSDEEP

6144:5ALU8xEuTboDiSPuEmFXqROGW2KCGbEY5BwnK9msAy95Gkd58W4kbbbiccchgmgi:GL5/0DEEmcROGWMGbrwnKH78W

Score

7^/10

Malware Config

Targets

- Target
  
  61d9e988eade69c6acde5a053d291044_JaffaCakes118
- Size
  
  797KB
- MD5
  
  61d9e988eade69c6acde5a053d291044
- SHA1
  
  ad49a1a376d557c53b75a34b87264deddcdddd8e
- SHA256
  
  16a9459a71e9f5b694fb4323e43affc3c6dba050ea7d389684c36d0faf5878cd
- SHA512
  
  034338f98bc89b4d159498712c5698a2b8f0fcb9c494cd39c50efced6ffa8a085655a79f44ef78ed8bbc51b97615ff6b6ce2bec833829c9124a102fcf06ecc07
- SSDEEP
  
  6144:5ALU8xEuTboDiSPuEmFXqROGW2KCGbEY5BwnK9msAy95Gkd58W4kbbbiccchgmgi:GL5/0DEEmcROGWMGbrwnKH78W
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2