17ba5583dfca24b1cb4dfe81f33bd9968dbbb65b333c0c266ab967d177d873de | Triage

Sharing

General

Target

a0d55c8160b08d9263508b7c251d0fc5_JaffaCakes118
Size

5.6MB
Sample

240817-cnvt9avdjr
MD5

a0d55c8160b08d9263508b7c251d0fc5
SHA1

632c8459f2ff3662d0ae81bb624388b1e25ff148
SHA256

17ba5583dfca24b1cb4dfe81f33bd9968dbbb65b333c0c266ab967d177d873de
SHA512

7b9b22b460ba56fe2921c1dd92b35f135867d840aa9ed6377926fbfb60ee3702c4ba3f803072ac1698206aba50dcc4440adcbaa98a35462bdb75aa9bf04afc8c
SSDEEP

98304:94oPH5ETCMX2X/qZ/Q8B/NliGCRCSlEp4PF7s5Fy0fcC+GuBJvwm9EwMiCgb3s:Gov5ETpGy1lc7lGGF7svyXzv/Mia

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a0d55c8160b08d9263508b7c251d0fc5_JaffaCakes118
- Size
  
  5.6MB
- MD5
  
  a0d55c8160b08d9263508b7c251d0fc5
- SHA1
  
  632c8459f2ff3662d0ae81bb624388b1e25ff148
- SHA256
  
  17ba5583dfca24b1cb4dfe81f33bd9968dbbb65b333c0c266ab967d177d873de
- SHA512
  
  7b9b22b460ba56fe2921c1dd92b35f135867d840aa9ed6377926fbfb60ee3702c4ba3f803072ac1698206aba50dcc4440adcbaa98a35462bdb75aa9bf04afc8c
- SSDEEP
  
  98304:94oPH5ETCMX2X/qZ/Q8B/NliGCRCSlEp4PF7s5Fy0fcC+GuBJvwm9EwMiCgb3s:Gov5ETpGy1lc7lGGF7svyXzv/Mia
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2