414e4d39e56b8cb4b199df340bea53bc3f220e25a7627e723a1f0a974a0858d2 | Triage

Sharing

General

Target

647cd4b2c8ea1693bea9efb6b1a575e8_JaffaCakes118
Size

6.8MB
Sample

240722-x5rt5steqd
MD5

647cd4b2c8ea1693bea9efb6b1a575e8
SHA1

0115273d2fac09ab3612d9f130f9b6ec0c86b5f9
SHA256

414e4d39e56b8cb4b199df340bea53bc3f220e25a7627e723a1f0a974a0858d2
SHA512

6828c8a58da6625783ba10609a710e6efa4aac8174e986c846e461a9740e9ce01be64f2a5783e2e77d9c60b3c07376ff666cb13ee8bd81c5dd7708e04a3689fe
SSDEEP

98304:OwMLUXzJzBQAfT7JVfmyfg5Q+4a/RsvtrkijMb/L3SZq0P1EY4pGFXNBnI/xCrCe:OwMLUj0KVk+EOrkiAjTsP1jeMo/xoNbt

Score

7^/10

Malware Config

Targets

- Target
  
  647cd4b2c8ea1693bea9efb6b1a575e8_JaffaCakes118
- Size
  
  6.8MB
- MD5
  
  647cd4b2c8ea1693bea9efb6b1a575e8
- SHA1
  
  0115273d2fac09ab3612d9f130f9b6ec0c86b5f9
- SHA256
  
  414e4d39e56b8cb4b199df340bea53bc3f220e25a7627e723a1f0a974a0858d2
- SHA512
  
  6828c8a58da6625783ba10609a710e6efa4aac8174e986c846e461a9740e9ce01be64f2a5783e2e77d9c60b3c07376ff666cb13ee8bd81c5dd7708e04a3689fe
- SSDEEP
  
  98304:OwMLUXzJzBQAfT7JVfmyfg5Q+4a/RsvtrkijMb/L3SZq0P1EY4pGFXNBnI/xCrCe:OwMLUj0KVk+EOrkiAjTsP1jeMo/xoNbt
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2