988c722cd70a0f72b0e8ca1dae14dc56cfdd4f3b313683771182c5d19d4f0601 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e03c6472151eb59450d535b692151139_JaffaCakes118
Size

2.5MB
Sample

240914-p84dcavdnm
MD5

e03c6472151eb59450d535b692151139
SHA1

f90399eff9416fe0d458f1075be124382669e399
SHA256

988c722cd70a0f72b0e8ca1dae14dc56cfdd4f3b313683771182c5d19d4f0601
SHA512

ac05052cd8d603fcc3f6a1a21a2706f2ad46c996e9bc6bff248f63d4f32f622f78341b14626f1838a91e678e18bbe23a5f4990f1cf5976c58406fde7ec81a58b
SSDEEP

49152:ocy796EvMtTx435MtV+rnUgKLWgAOXDHpSeZtk6EBI1rB:47AEvgVOXUgKLWgAWHXyHc

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e03c6472151eb59450d535b692151139_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  e03c6472151eb59450d535b692151139
- SHA1
  
  f90399eff9416fe0d458f1075be124382669e399
- SHA256
  
  988c722cd70a0f72b0e8ca1dae14dc56cfdd4f3b313683771182c5d19d4f0601
- SHA512
  
  ac05052cd8d603fcc3f6a1a21a2706f2ad46c996e9bc6bff248f63d4f32f622f78341b14626f1838a91e678e18bbe23a5f4990f1cf5976c58406fde7ec81a58b
- SSDEEP
  
  49152:ocy796EvMtTx435MtV+rnUgKLWgAOXDHpSeZtk6EBI1rB:47AEvgVOXUgKLWgAWHXyHc
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2