1dface61d7c0b03f812586ccf06670fae76387d974bb5b59f06f26c8d01fa87e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab5bdf40903919e3fbaaf869c3c85f26_JaffaCakes118
Size

2.5MB
Sample

240819-rmkp8ayeqe
MD5

ab5bdf40903919e3fbaaf869c3c85f26
SHA1

2c618980de196c5ee6a8783af8bc3a30b8c9e570
SHA256

1dface61d7c0b03f812586ccf06670fae76387d974bb5b59f06f26c8d01fa87e
SHA512

05a4761262c9ccb939469516dc2ff821eb6d579e430b63bb8cdfe6af7794836b87803624000d1fdb1b80706d293531848592d5e1b3a20c0071f40de02cbba72e
SSDEEP

49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rT:o7AEvgVOy29Ls3JslVYzjMO26iI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ab5bdf40903919e3fbaaf869c3c85f26_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  ab5bdf40903919e3fbaaf869c3c85f26
- SHA1
  
  2c618980de196c5ee6a8783af8bc3a30b8c9e570
- SHA256
  
  1dface61d7c0b03f812586ccf06670fae76387d974bb5b59f06f26c8d01fa87e
- SHA512
  
  05a4761262c9ccb939469516dc2ff821eb6d579e430b63bb8cdfe6af7794836b87803624000d1fdb1b80706d293531848592d5e1b3a20c0071f40de02cbba72e
- SSDEEP
  
  49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rT:o7AEvgVOy29Ls3JslVYzjMO26iI
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2