af2c78b0fcc1b9fe0b4ab10ae0e8a4afd3723b46e50c8539fa6ce21b0d721f8a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a982454c34da735038575f2b12685bb3_JaffaCakes118
Size

104KB
Sample

240819-elzrjatame
MD5

a982454c34da735038575f2b12685bb3
SHA1

fb3768eba3dbe96243155abc2ef4561781cfedef
SHA256

af2c78b0fcc1b9fe0b4ab10ae0e8a4afd3723b46e50c8539fa6ce21b0d721f8a
SHA512

8f5967f4cbce12a069f51a3e56109e506f5dabc53113e8afcb47ac7b2a355a4dd5223bbea16473176f592b27fdaf72f91a88e8b4af72f0cb9633219b60ca897d
SSDEEP

1536:RPRD93l1Iia5XY7wfVWEm/QD/btVXL2wqLFeRGJqJdJNJnJIJVPhQjiOBDXFpMj/:lnIF5XYkIEmI/btVb2wqYRGhy8Zoo

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a982454c34da735038575f2b12685bb3_JaffaCakes118
- Size
  
  104KB
- MD5
  
  a982454c34da735038575f2b12685bb3
- SHA1
  
  fb3768eba3dbe96243155abc2ef4561781cfedef
- SHA256
  
  af2c78b0fcc1b9fe0b4ab10ae0e8a4afd3723b46e50c8539fa6ce21b0d721f8a
- SHA512
  
  8f5967f4cbce12a069f51a3e56109e506f5dabc53113e8afcb47ac7b2a355a4dd5223bbea16473176f592b27fdaf72f91a88e8b4af72f0cb9633219b60ca897d
- SSDEEP
  
  1536:RPRD93l1Iia5XY7wfVWEm/QD/btVXL2wqLFeRGJqJdJNJnJIJVPhQjiOBDXFpMj/:lnIF5XYkIEmI/btVb2wqYRGhy8Zoo
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2