512e246d857014a246c65d2f56d7d827bf93ce834e62391040528f724216109f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ea487db193b42041a094833671799e2_JaffaCakes118
Size

940KB
Sample

240812-n25gdszdrj
MD5

8ea487db193b42041a094833671799e2
SHA1

0687d38aeca7cf2a932e563f42e42a1dc659ec62
SHA256

512e246d857014a246c65d2f56d7d827bf93ce834e62391040528f724216109f
SHA512

268caf19290561180c559780099bdbbf4d94001fa50540dfbfa728c3d787b4f239ee1cc7aca78b9128d2a61090e3b6aefbb653966527e0a9cef20e56e361b07f
SSDEEP

12288:BYuF2OPlgCxbUuqEolqhlBG0EZRYx35Ua8wvJfiU3us5NhOblYNTwUkVQ+PYJEn:BYuFhCwUuqDluBMfEhJX3z5mKhwbLe2

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8ea487db193b42041a094833671799e2_JaffaCakes118
- Size
  
  940KB
- MD5
  
  8ea487db193b42041a094833671799e2
- SHA1
  
  0687d38aeca7cf2a932e563f42e42a1dc659ec62
- SHA256
  
  512e246d857014a246c65d2f56d7d827bf93ce834e62391040528f724216109f
- SHA512
  
  268caf19290561180c559780099bdbbf4d94001fa50540dfbfa728c3d787b4f239ee1cc7aca78b9128d2a61090e3b6aefbb653966527e0a9cef20e56e361b07f
- SSDEEP
  
  12288:BYuF2OPlgCxbUuqEolqhlBG0EZRYx35Ua8wvJfiU3us5NhOblYNTwUkVQ+PYJEn:BYuFhCwUuqDluBMfEhJX3z5mKhwbLe2
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2