cd36ff17ea354bf7158865f7e1ad01f6dd60a4fe74460a12d8e56e3f2bd0cffa | Triage

Sharing

General

Target

6f81d7cfaa3f85db6cc7f5d4de899a52_JaffaCakes118
Size

567KB
Sample

240725-paz82a1bqe
MD5

6f81d7cfaa3f85db6cc7f5d4de899a52
SHA1

9eddb395bc0bd52f051f6ac94055898edcc39262
SHA256

cd36ff17ea354bf7158865f7e1ad01f6dd60a4fe74460a12d8e56e3f2bd0cffa
SHA512

97887a733c659c5ab08d0c8836a5e6d96b1ec13f592ae3e78f14964bc1fe1c14e13efcfcdfa2fe9d6b5071b94b86f6fcffe3c4c5ffdb81f0ceb7a1b36072b54d
SSDEEP

12288:NJYIlIUr41owTtmHgYPW82ImgHTas8NrWr4YYARWP/yYaI1xCLo6yvk:NZlaTtmHJPWBImCTar84XH7x1s8Zs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6f81d7cfaa3f85db6cc7f5d4de899a52_JaffaCakes118
- Size
  
  567KB
- MD5
  
  6f81d7cfaa3f85db6cc7f5d4de899a52
- SHA1
  
  9eddb395bc0bd52f051f6ac94055898edcc39262
- SHA256
  
  cd36ff17ea354bf7158865f7e1ad01f6dd60a4fe74460a12d8e56e3f2bd0cffa
- SHA512
  
  97887a733c659c5ab08d0c8836a5e6d96b1ec13f592ae3e78f14964bc1fe1c14e13efcfcdfa2fe9d6b5071b94b86f6fcffe3c4c5ffdb81f0ceb7a1b36072b54d
- SSDEEP
  
  12288:NJYIlIUr41owTtmHgYPW82ImgHTas8NrWr4YYARWP/yYaI1xCLo6yvk:NZlaTtmHJPWBImCTar84XH7x1s8Zs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2