f8248ef706de1d878d14454103751fb8b78cc34c97cd33ecf8eeda1a5df4b215 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c10fc233ebba6608b6cdbefe86dfdcf8_JaffaCakes118
Size

317KB
Sample

240825-s67jrs1hqh
MD5

c10fc233ebba6608b6cdbefe86dfdcf8
SHA1

1b592c3575ae864ad2b41ea493b7341a2a987da1
SHA256

f8248ef706de1d878d14454103751fb8b78cc34c97cd33ecf8eeda1a5df4b215
SHA512

e1d17aca646cfdcde6aa5b9e5831060a4cad1bb1a8684fad0c8d708e5f7efa5a3031f5b3f4d302440056817eaf7af1c879be558522071c27643bf4d0a83a5337
SSDEEP

6144:+0YjywDhq1doBLbii5bkgVuN+xSKV7Wkrsf7LsOSfXVB8KC9bB:+0AywDhwdiXikbkgaISKVJXv8z91

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c10fc233ebba6608b6cdbefe86dfdcf8_JaffaCakes118
- Size
  
  317KB
- MD5
  
  c10fc233ebba6608b6cdbefe86dfdcf8
- SHA1
  
  1b592c3575ae864ad2b41ea493b7341a2a987da1
- SHA256
  
  f8248ef706de1d878d14454103751fb8b78cc34c97cd33ecf8eeda1a5df4b215
- SHA512
  
  e1d17aca646cfdcde6aa5b9e5831060a4cad1bb1a8684fad0c8d708e5f7efa5a3031f5b3f4d302440056817eaf7af1c879be558522071c27643bf4d0a83a5337
- SSDEEP
  
  6144:+0YjywDhq1doBLbii5bkgVuN+xSKV7Wkrsf7LsOSfXVB8KC9bB:+0AywDhwdiXikbkgaISKVJXv8z91
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2