b9f40c908665e8e4598faa07bcc804aca681b6be40972fa32410d3ecc42d8007 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cee77a0e2322a607606d15ec9cc9d8bc_JaffaCakes118
Size

2.3MB
Sample

240906-hemeea1gjr
MD5

cee77a0e2322a607606d15ec9cc9d8bc
SHA1

78bba3dca19b627132391f38987561e3b658beb4
SHA256

b9f40c908665e8e4598faa07bcc804aca681b6be40972fa32410d3ecc42d8007
SHA512

a904adbef1f4c987e8b578909d1f18c0f67091006a1a11a6e24dbcc55c875852e7150b0340c22212b7bd17472387eb8bd1810aa771a2ed67832835667ab5e1d4
SSDEEP

24576:RUlW4jmlCAcbhRlN6BAS4mBJ1Cq9XyRflFip4VObr:RTIJmSS5CqtyRfnip4VOb

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  cee77a0e2322a607606d15ec9cc9d8bc_JaffaCakes118
- Size
  
  2.3MB
- MD5
  
  cee77a0e2322a607606d15ec9cc9d8bc
- SHA1
  
  78bba3dca19b627132391f38987561e3b658beb4
- SHA256
  
  b9f40c908665e8e4598faa07bcc804aca681b6be40972fa32410d3ecc42d8007
- SHA512
  
  a904adbef1f4c987e8b578909d1f18c0f67091006a1a11a6e24dbcc55c875852e7150b0340c22212b7bd17472387eb8bd1810aa771a2ed67832835667ab5e1d4
- SSDEEP
  
  24576:RUlW4jmlCAcbhRlN6BAS4mBJ1Cq9XyRflFip4VObr:RTIJmSS5CqtyRfnip4VOb
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2