5bfbc83d11178c9df693b53e20adfbc55ba87ea18dfa8d467e25cebbd42bd631 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af5ea6152983fdcbb06505c7975ee1c8_JaffaCakes118
Size

136KB
Sample

240820-qhr33axenn
MD5

af5ea6152983fdcbb06505c7975ee1c8
SHA1

2f57bca27f349272fc7c476752df34d51f0100e2
SHA256

5bfbc83d11178c9df693b53e20adfbc55ba87ea18dfa8d467e25cebbd42bd631
SHA512

5822be2390ca38baa8de51f83e808a53b47045c2952aad8a926ba1ec516badfcd9ad90becfedcc8886b72c156111cfabe220bface641d0cf5015588c5da93a54
SSDEEP

1536:33O52CynHGzZX6oUVc8FqPV1bIOGFnToIf0xtG4PqJr0VSAPps:HO5n6SrNGtTBfetG4PjIAPS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  af5ea6152983fdcbb06505c7975ee1c8_JaffaCakes118
- Size
  
  136KB
- MD5
  
  af5ea6152983fdcbb06505c7975ee1c8
- SHA1
  
  2f57bca27f349272fc7c476752df34d51f0100e2
- SHA256
  
  5bfbc83d11178c9df693b53e20adfbc55ba87ea18dfa8d467e25cebbd42bd631
- SHA512
  
  5822be2390ca38baa8de51f83e808a53b47045c2952aad8a926ba1ec516badfcd9ad90becfedcc8886b72c156111cfabe220bface641d0cf5015588c5da93a54
- SSDEEP
  
  1536:33O52CynHGzZX6oUVc8FqPV1bIOGFnToIf0xtG4PqJr0VSAPps:HO5n6SrNGtTBfetG4PjIAPS
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2