882e32faa90b13e70d1b314cb6eb59fe9651cf3823651bee5eec48203a4d3bfa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89fb97cf65ecbb41136cf7aee44233f8_JaffaCakes118
Size

281KB
Sample

240811-l98gxazamd
MD5

89fb97cf65ecbb41136cf7aee44233f8
SHA1

10396160287f657152a87a7e922e5f7a06c1d416
SHA256

882e32faa90b13e70d1b314cb6eb59fe9651cf3823651bee5eec48203a4d3bfa
SHA512

bfe7a6110b4f9b91f4fa527ac32ceaf831f3f4a8dec910c7d6b37fd3fd4a98b73930a6643a5048ef465ff3c142fab8500ba70f4bfde60f08d61db36042a42ab6
SSDEEP

6144:CsniRd3M0SVjIJmVSUkY4M0SVjIJmVSUkYw:Lcd3LS4bY4LS4bYw

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  89fb97cf65ecbb41136cf7aee44233f8_JaffaCakes118
- Size
  
  281KB
- MD5
  
  89fb97cf65ecbb41136cf7aee44233f8
- SHA1
  
  10396160287f657152a87a7e922e5f7a06c1d416
- SHA256
  
  882e32faa90b13e70d1b314cb6eb59fe9651cf3823651bee5eec48203a4d3bfa
- SHA512
  
  bfe7a6110b4f9b91f4fa527ac32ceaf831f3f4a8dec910c7d6b37fd3fd4a98b73930a6643a5048ef465ff3c142fab8500ba70f4bfde60f08d61db36042a42ab6
- SSDEEP
  
  6144:CsniRd3M0SVjIJmVSUkY4M0SVjIJmVSUkYw:Lcd3LS4bY4LS4bYw
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2