59219bf30def7062fd563894543463db0edeaf3c76b4d83e09cffce2e2dea36c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64d80d02480835e135cf9626c41a8baf_JaffaCakes118
Size

1.2MB
Sample

240722-z56z6syhpn
MD5

64d80d02480835e135cf9626c41a8baf
SHA1

a08574a2f9de9567c66545972bb0eba1a2709251
SHA256

59219bf30def7062fd563894543463db0edeaf3c76b4d83e09cffce2e2dea36c
SHA512

08eba91e4e70519716202a2483fc071438e2c2acf46b26801491a3337f4d01e2f04105c43674dd020819b56c6ac5ef34303b0252a844279cbfe3a116397ee604
SSDEEP

24576:OSXnmfbQgmMfm0CusGPrR3p7ew5MbXkk1nlZEiY8LxVrUihtM:OS2fkgA4zR57d5UkkRzEiY2L6

Score

7^/10

Malware Config

Targets

- Target
  
  64d80d02480835e135cf9626c41a8baf_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  64d80d02480835e135cf9626c41a8baf
- SHA1
  
  a08574a2f9de9567c66545972bb0eba1a2709251
- SHA256
  
  59219bf30def7062fd563894543463db0edeaf3c76b4d83e09cffce2e2dea36c
- SHA512
  
  08eba91e4e70519716202a2483fc071438e2c2acf46b26801491a3337f4d01e2f04105c43674dd020819b56c6ac5ef34303b0252a844279cbfe3a116397ee604
- SSDEEP
  
  24576:OSXnmfbQgmMfm0CusGPrR3p7ew5MbXkk1nlZEiY8LxVrUihtM:OS2fkgA4zR57d5UkkRzEiY2L6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2