0e69e978722e01667f8fce4336bae281e03ea52a210852e58636e0852fb0d6ae | Triage

Sharing

General

Target

c827cac019947666107e952f030d5a9f_JaffaCakes118
Size

208KB
Sample

240829-d19dvatcmq
MD5

c827cac019947666107e952f030d5a9f
SHA1

5f0d1aca72104be27fa15e42f64f5d8e44b93058
SHA256

0e69e978722e01667f8fce4336bae281e03ea52a210852e58636e0852fb0d6ae
SHA512

2d1562c4441bdf1ef6b97c9ad054a52c1d57b3b4ca3f0955519ae9bb2876ad87aa64f67e77798e5a7723aee431e2ab9a606a2d3098264bb2b5929409403957eb
SSDEEP

3072:JO+bY++73VQdqPg7WqD+NhGJZstCVH9xGSp+BPq19XAHtUcmzA:MWWzcJZs0d91WPquUcmk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c827cac019947666107e952f030d5a9f_JaffaCakes118
- Size
  
  208KB
- MD5
  
  c827cac019947666107e952f030d5a9f
- SHA1
  
  5f0d1aca72104be27fa15e42f64f5d8e44b93058
- SHA256
  
  0e69e978722e01667f8fce4336bae281e03ea52a210852e58636e0852fb0d6ae
- SHA512
  
  2d1562c4441bdf1ef6b97c9ad054a52c1d57b3b4ca3f0955519ae9bb2876ad87aa64f67e77798e5a7723aee431e2ab9a606a2d3098264bb2b5929409403957eb
- SSDEEP
  
  3072:JO+bY++73VQdqPg7WqD+NhGJZstCVH9xGSp+BPq19XAHtUcmzA:MWWzcJZs0d91WPquUcmk
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2