36c049aff4a36f0bf11c93e9677dbb633b43d5407a7e0a0fa80e5ebe27f48903 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ce5b0abe27d157eaf6fe1acd6420972_JaffaCakes118
Size

162KB
Sample

240812-ckghfsvcnc
MD5

8ce5b0abe27d157eaf6fe1acd6420972
SHA1

8be4e32d002b74bd7dead703165c7089768bf7de
SHA256

36c049aff4a36f0bf11c93e9677dbb633b43d5407a7e0a0fa80e5ebe27f48903
SHA512

bf5e0c31768bd24cde591842d2bb5996a0ef06b3cd0802b907bcf49f14ba0997f6d1b2391a23e20f460b61fda5b97f3723f295eda094b9044d82d6acb73b0b76
SSDEEP

3072:RSJCdwqpFIXWorQArJKYcvZXBBhlNliM3WaEhJupbhpLq7X:oJCu4IGosAEYcvxNUYWaEmpNVq7X

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  8ce5b0abe27d157eaf6fe1acd6420972_JaffaCakes118
- Size
  
  162KB
- MD5
  
  8ce5b0abe27d157eaf6fe1acd6420972
- SHA1
  
  8be4e32d002b74bd7dead703165c7089768bf7de
- SHA256
  
  36c049aff4a36f0bf11c93e9677dbb633b43d5407a7e0a0fa80e5ebe27f48903
- SHA512
  
  bf5e0c31768bd24cde591842d2bb5996a0ef06b3cd0802b907bcf49f14ba0997f6d1b2391a23e20f460b61fda5b97f3723f295eda094b9044d82d6acb73b0b76
- SSDEEP
  
  3072:RSJCdwqpFIXWorQArJKYcvZXBBhlNliM3WaEhJupbhpLq7X:oJCu4IGosAEYcvxNUYWaEmpNVq7X
Score

8^/10

discovery
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2