598b874d545037c6d95d0c1a6728c375e45d4a3920286e248fb02c2bb208d0f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88e4ccbf617f4efa2948e1868857ef0e_JaffaCakes118
Size

32KB
Sample

240811-ef76qaxhmd
MD5

88e4ccbf617f4efa2948e1868857ef0e
SHA1

2a2547729bcf3cbe704039b8ebdbb4cac6e8f938
SHA256

598b874d545037c6d95d0c1a6728c375e45d4a3920286e248fb02c2bb208d0f5
SHA512

c59cad8295f7b11959e0afa04dcf43451042318d95735307006908cca3751aa4150a6a770423b5192276b8fea5ac6df386ffa92f9552e4007eee3a985cca80b0
SSDEEP

384:gjVJ2U6LCEudoyhOzHJowpXB0CRboDGSnzV:wQ9Rd+Bz

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  88e4ccbf617f4efa2948e1868857ef0e_JaffaCakes118
- Size
  
  32KB
- MD5
  
  88e4ccbf617f4efa2948e1868857ef0e
- SHA1
  
  2a2547729bcf3cbe704039b8ebdbb4cac6e8f938
- SHA256
  
  598b874d545037c6d95d0c1a6728c375e45d4a3920286e248fb02c2bb208d0f5
- SHA512
  
  c59cad8295f7b11959e0afa04dcf43451042318d95735307006908cca3751aa4150a6a770423b5192276b8fea5ac6df386ffa92f9552e4007eee3a985cca80b0
- SSDEEP
  
  384:gjVJ2U6LCEudoyhOzHJowpXB0CRboDGSnzV:wQ9Rd+Bz
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2