36ac70b931f186129817c6d8ba48c8a291e92163c272f84e2aea1c7aab7a79e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df2141d3ea4313987fe8e0909f9f3fa4_JaffaCakes118
Size

80KB
Sample

240913-31h94awdkl
MD5

df2141d3ea4313987fe8e0909f9f3fa4
SHA1

8a050dddf55bb1d195318604d5128d9592715317
SHA256

36ac70b931f186129817c6d8ba48c8a291e92163c272f84e2aea1c7aab7a79e8
SHA512

6b0913843f5ef126d4b56de2f01f72fb7cb022660d0cd095826b1bb7ac236ff358a6379f3c349eca9f1499fbb04adcf9efb8e2f27bcd8be560fa4685cf0c56da
SSDEEP

1536:u2aRMQV2LELVpG/0NQBsc+JG5d47WiFGsdFvaeJYGGGfMX5FAaeJGYGGGfMqlGrr:eRMQRVpG/0NQMvL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  df2141d3ea4313987fe8e0909f9f3fa4_JaffaCakes118
- Size
  
  80KB
- MD5
  
  df2141d3ea4313987fe8e0909f9f3fa4
- SHA1
  
  8a050dddf55bb1d195318604d5128d9592715317
- SHA256
  
  36ac70b931f186129817c6d8ba48c8a291e92163c272f84e2aea1c7aab7a79e8
- SHA512
  
  6b0913843f5ef126d4b56de2f01f72fb7cb022660d0cd095826b1bb7ac236ff358a6379f3c349eca9f1499fbb04adcf9efb8e2f27bcd8be560fa4685cf0c56da
- SSDEEP
  
  1536:u2aRMQV2LELVpG/0NQBsc+JG5d47WiFGsdFvaeJYGGGfMX5FAaeJGYGGGfMqlGrr:eRMQRVpG/0NQMvL
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2