cf47769cbd41124b5f12ca9624a12339a52a9613f64a562208901cc330814896 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2c3a77f36bf005a3eba9acf58a40ac1_JaffaCakes118
Size

4.2MB
Sample

240821-kczcasseml
MD5

b2c3a77f36bf005a3eba9acf58a40ac1
SHA1

e4dfb61f8a69e333ef43129b221898cfae8d67f9
SHA256

cf47769cbd41124b5f12ca9624a12339a52a9613f64a562208901cc330814896
SHA512

0d03a5384a602d52b94e493ffce365ccfcee4242538c73295cc1a23fc21c530f9b2a0950034cc259925778aaff1faad0df18e875758c25c5bd2884b6feba3ace
SSDEEP

98304:oXB4uluJRmMg6QWlIpgi0rHqsih/mCqJ4B4ulub:ovsJR0TW6yiIKRhzqOsb

Score

7^/10

Malware Config

Targets

- Target
  
  b2c3a77f36bf005a3eba9acf58a40ac1_JaffaCakes118
- Size
  
  4.2MB
- MD5
  
  b2c3a77f36bf005a3eba9acf58a40ac1
- SHA1
  
  e4dfb61f8a69e333ef43129b221898cfae8d67f9
- SHA256
  
  cf47769cbd41124b5f12ca9624a12339a52a9613f64a562208901cc330814896
- SHA512
  
  0d03a5384a602d52b94e493ffce365ccfcee4242538c73295cc1a23fc21c530f9b2a0950034cc259925778aaff1faad0df18e875758c25c5bd2884b6feba3ace
- SSDEEP
  
  98304:oXB4uluJRmMg6QWlIpgi0rHqsih/mCqJ4B4ulub:ovsJR0TW6yiIKRhzqOsb
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2