eb880c6aa541a6cbc53739699367b9cdbd986bf5516d36d7ce287cb5b351b099 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc50ddaa2509805a3a449834deeefca0_JaffaCakes118
Size

523KB
Sample

240823-sw659avdjq
MD5

bc50ddaa2509805a3a449834deeefca0
SHA1

cf1ac10d2088e91fe80bd397a988c0c9c8054128
SHA256

eb880c6aa541a6cbc53739699367b9cdbd986bf5516d36d7ce287cb5b351b099
SHA512

0715dcb4e30002acb83a1643d9d64d7702cfc613f5935006033caedb228eb3446fa213c7545c2e8a95feedb8b339d03eced461f9f80c6da48476ab2879fad65f
SSDEEP

12288:53JCFkQWTfpoiwongqTBTgRb7J3AYciPybR6lVJ9PtnLhk6rL:53JCJOfWl/czRirtnLf/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bc50ddaa2509805a3a449834deeefca0_JaffaCakes118
- Size
  
  523KB
- MD5
  
  bc50ddaa2509805a3a449834deeefca0
- SHA1
  
  cf1ac10d2088e91fe80bd397a988c0c9c8054128
- SHA256
  
  eb880c6aa541a6cbc53739699367b9cdbd986bf5516d36d7ce287cb5b351b099
- SHA512
  
  0715dcb4e30002acb83a1643d9d64d7702cfc613f5935006033caedb228eb3446fa213c7545c2e8a95feedb8b339d03eced461f9f80c6da48476ab2879fad65f
- SSDEEP
  
  12288:53JCFkQWTfpoiwongqTBTgRb7J3AYciPybR6lVJ9PtnLhk6rL:53JCJOfWl/czRirtnLf/
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2