457247491b1bef4a0c24f158505cf66a899c0c33b915fab492bd92fe11b3b4ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8b3a131497d41baf79d565a4bdd8415_JaffaCakes118
Size

449KB
Sample

240822-xagexsvapr
MD5

b8b3a131497d41baf79d565a4bdd8415
SHA1

908a7fd87d397290f9352f6ff6550cfb9ebf2f91
SHA256

457247491b1bef4a0c24f158505cf66a899c0c33b915fab492bd92fe11b3b4ad
SHA512

4d49a1d7f12cdc091f633fdec1d2a607ce3e043ea1f7949f280065d6b738c612456ba023a0adf40ccf0748b9875249b23f071bcedf2496275f17d3fa20a30200
SSDEEP

6144:1cPQfo74tmmP999QReTWgNyd57oZbz+4vhgHyfLPkssUivh8ZzpaFtTMZLGeaZH0:rok9z9QRaHQ8Zbh2HoML5JkzksknZHkd

Score

7^/10

Malware Config

Targets

- Target
  
  b8b3a131497d41baf79d565a4bdd8415_JaffaCakes118
- Size
  
  449KB
- MD5
  
  b8b3a131497d41baf79d565a4bdd8415
- SHA1
  
  908a7fd87d397290f9352f6ff6550cfb9ebf2f91
- SHA256
  
  457247491b1bef4a0c24f158505cf66a899c0c33b915fab492bd92fe11b3b4ad
- SHA512
  
  4d49a1d7f12cdc091f633fdec1d2a607ce3e043ea1f7949f280065d6b738c612456ba023a0adf40ccf0748b9875249b23f071bcedf2496275f17d3fa20a30200
- SSDEEP
  
  6144:1cPQfo74tmmP999QReTWgNyd57oZbz+4vhgHyfLPkssUivh8ZzpaFtTMZLGeaZH0:rok9z9QRaHQ8Zbh2HoML5JkzksknZHkd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2