b44ce57bcff9bc4c9cbe79fb31be96ed804f73bb1720876fe8bb84c399c40312 | Triage

Sharing

General

Target

61640faa3e35e0c43ea9d46fa945a8fa_JaffaCakes118
Size

1.5MB
Sample

240721-zw52hsvbrg
MD5

61640faa3e35e0c43ea9d46fa945a8fa
SHA1

df716eff523ec5630899a9a6e453c84da92f4ddd
SHA256

b44ce57bcff9bc4c9cbe79fb31be96ed804f73bb1720876fe8bb84c399c40312
SHA512

e11b1ba235ad7f669bcb963d8ae75160798064549b8bc6d54f7622d59dfaf8594ae00f82fa3f0acbf92ec3f782708f13bcd4ddde19ba14b8a565ecdba5c2f2ba
SSDEEP

24576:9i9deVMdRnYcRnYaRnY2RnYKRnYrRnYERnYB:9m1dRnYcRnYaRnY2RnYKRnYrRnYERnY

Score

7^/10

Malware Config

Targets

- Target
  
  61640faa3e35e0c43ea9d46fa945a8fa_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  61640faa3e35e0c43ea9d46fa945a8fa
- SHA1
  
  df716eff523ec5630899a9a6e453c84da92f4ddd
- SHA256
  
  b44ce57bcff9bc4c9cbe79fb31be96ed804f73bb1720876fe8bb84c399c40312
- SHA512
  
  e11b1ba235ad7f669bcb963d8ae75160798064549b8bc6d54f7622d59dfaf8594ae00f82fa3f0acbf92ec3f782708f13bcd4ddde19ba14b8a565ecdba5c2f2ba
- SSDEEP
  
  24576:9i9deVMdRnYcRnYaRnY2RnYKRnYrRnYERnYB:9m1dRnYcRnYaRnY2RnYKRnYrRnYERnY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2