c1adb7647f66ca956218ce405e4fd16626a9420cb7e8bf1efc7d7b2a491d04dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78a003996a1e108da0eec20d89c7b64d_JaffaCakes118
Size

424KB
Sample

240727-st7zrsyepd
MD5

78a003996a1e108da0eec20d89c7b64d
SHA1

4e5f3c187f53efd646cd2c37eba6286d89398995
SHA256

c1adb7647f66ca956218ce405e4fd16626a9420cb7e8bf1efc7d7b2a491d04dd
SHA512

14baf19a3c463c0f64e00e24eb7cefcbbdaceebb96535c3b7d58034f539b2a36e9167c88974ea1f68c04bdb79b51363919ebf836497eed2bcb60bdb70c3737e0
SSDEEP

12288:Ci+WK0hdNYMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMEEEEEEu:CNWK0hPYMMMMMMMMMMMMMMMMMMMMMMM9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  78a003996a1e108da0eec20d89c7b64d_JaffaCakes118
- Size
  
  424KB
- MD5
  
  78a003996a1e108da0eec20d89c7b64d
- SHA1
  
  4e5f3c187f53efd646cd2c37eba6286d89398995
- SHA256
  
  c1adb7647f66ca956218ce405e4fd16626a9420cb7e8bf1efc7d7b2a491d04dd
- SHA512
  
  14baf19a3c463c0f64e00e24eb7cefcbbdaceebb96535c3b7d58034f539b2a36e9167c88974ea1f68c04bdb79b51363919ebf836497eed2bcb60bdb70c3737e0
- SSDEEP
  
  12288:Ci+WK0hdNYMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMEEEEEEu:CNWK0hPYMMMMMMMMMMMMMMMMMMMMMMM9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2