f64fce7ee367147db491eca808a57518552fd499a83ce7b74210d2e08e37a0bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a29cead68c695ca13d594a717cc6768a_JaffaCakes118
Size

71KB
Sample

240817-p55f8szapj
MD5

a29cead68c695ca13d594a717cc6768a
SHA1

e90265bf72d0f1939b89d48da281ac95d3600cf7
SHA256

f64fce7ee367147db491eca808a57518552fd499a83ce7b74210d2e08e37a0bf
SHA512

d191dd3078f84707885e8535309b431989caafc4d3e2775e74845c3525bb4287972de2aacd71c448fd630c733b15fd0976f0d7a2caab7d16b8fcedff9aa8c112
SSDEEP

1536:o3lqwIhQJYD5E0j+N3jOlLtiPyWCIjJlGhcnpQm:0lomXUdI7GhQpQm

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a29cead68c695ca13d594a717cc6768a_JaffaCakes118
- Size
  
  71KB
- MD5
  
  a29cead68c695ca13d594a717cc6768a
- SHA1
  
  e90265bf72d0f1939b89d48da281ac95d3600cf7
- SHA256
  
  f64fce7ee367147db491eca808a57518552fd499a83ce7b74210d2e08e37a0bf
- SHA512
  
  d191dd3078f84707885e8535309b431989caafc4d3e2775e74845c3525bb4287972de2aacd71c448fd630c733b15fd0976f0d7a2caab7d16b8fcedff9aa8c112
- SSDEEP
  
  1536:o3lqwIhQJYD5E0j+N3jOlLtiPyWCIjJlGhcnpQm:0lomXUdI7GhQpQm
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2