7d42eed431b0f1107f1fa82151916047c5e4bb37a07bf51ab75167943b498f2b | Triage

Sharing

General

Target

8e9c0c7d17175e250dab9c1a3f566dd8_JaffaCakes118
Size

2.5MB
Sample

240812-nvr8gszblj
MD5

8e9c0c7d17175e250dab9c1a3f566dd8
SHA1

8dfd1e21610cd6467c25fa843a9d15915814e3b8
SHA256

7d42eed431b0f1107f1fa82151916047c5e4bb37a07bf51ab75167943b498f2b
SHA512

32fecd76d5d82d56341ffc15a9e2e81e6b341c44f0410cd4a27687819027c8d966660e4c753b5713d406e7f4fea81211ee75cbcb5888de12391196ba0a909b06
SSDEEP

49152:ocy796EvMtTx435MtV+rnUgKLWgAOXDHpSeZtk6EBI1rT:47AEvgVOXUgKLWgAWHXyHY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8e9c0c7d17175e250dab9c1a3f566dd8_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  8e9c0c7d17175e250dab9c1a3f566dd8
- SHA1
  
  8dfd1e21610cd6467c25fa843a9d15915814e3b8
- SHA256
  
  7d42eed431b0f1107f1fa82151916047c5e4bb37a07bf51ab75167943b498f2b
- SHA512
  
  32fecd76d5d82d56341ffc15a9e2e81e6b341c44f0410cd4a27687819027c8d966660e4c753b5713d406e7f4fea81211ee75cbcb5888de12391196ba0a909b06
- SSDEEP
  
  49152:ocy796EvMtTx435MtV+rnUgKLWgAOXDHpSeZtk6EBI1rT:47AEvgVOXUgKLWgAWHXyHY
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2