edafa1cbb5e4728aa0f8d827108c1303f50f7e36e7fde10da3b508bfdce5b43d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b07a14e852d42c3fecc6283452dc5ec3_JaffaCakes118
Size

2.5MB
Sample

240820-xwt8xasenp
MD5

b07a14e852d42c3fecc6283452dc5ec3
SHA1

5d8e6b9f8bdfff5cf4d22fdf34de93d252eab639
SHA256

edafa1cbb5e4728aa0f8d827108c1303f50f7e36e7fde10da3b508bfdce5b43d
SHA512

f36cfc741540d469473b7ad1401ab429f77fd899ee18f8a125bfb9292948011a30021ddce2f902f482caa178a40c79a207f0aed39178014c06a2c2e25a400271
SSDEEP

49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rc:o7AEvgVOy29Ls3JslVYzjMO26iT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b07a14e852d42c3fecc6283452dc5ec3_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  b07a14e852d42c3fecc6283452dc5ec3
- SHA1
  
  5d8e6b9f8bdfff5cf4d22fdf34de93d252eab639
- SHA256
  
  edafa1cbb5e4728aa0f8d827108c1303f50f7e36e7fde10da3b508bfdce5b43d
- SHA512
  
  f36cfc741540d469473b7ad1401ab429f77fd899ee18f8a125bfb9292948011a30021ddce2f902f482caa178a40c79a207f0aed39178014c06a2c2e25a400271
- SSDEEP
  
  49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rc:o7AEvgVOy29Ls3JslVYzjMO26iT
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2