976a90447e9b49ccc7eaa7e52dd41654cb54fd1b1c17128e1e7c943a336a3b04 | Triage

Sharing

General

Target

e0bedf61929743f75b1ccaec1b192dd3_JaffaCakes118
Size

728KB
Sample

240914-wrrrjsyamf
MD5

e0bedf61929743f75b1ccaec1b192dd3
SHA1

b2807e365a812b7da39ff01a9b9ce82cca30550b
SHA256

976a90447e9b49ccc7eaa7e52dd41654cb54fd1b1c17128e1e7c943a336a3b04
SHA512

617da56db001ab03186781bb79874de9b14bf3bd679f84ed658a6797e9645afc163017b042aa02ca511ef54e8b182b1bee3bd0d61ca61178272deb2141aa5b27
SSDEEP

12288:2GcoX53l4xf/LY80pUX4DwJ2+B05OEkz4+WqEe4/sVO:IaKfTgk4E4+O4lz4Fe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e0bedf61929743f75b1ccaec1b192dd3_JaffaCakes118
- Size
  
  728KB
- MD5
  
  e0bedf61929743f75b1ccaec1b192dd3
- SHA1
  
  b2807e365a812b7da39ff01a9b9ce82cca30550b
- SHA256
  
  976a90447e9b49ccc7eaa7e52dd41654cb54fd1b1c17128e1e7c943a336a3b04
- SHA512
  
  617da56db001ab03186781bb79874de9b14bf3bd679f84ed658a6797e9645afc163017b042aa02ca511ef54e8b182b1bee3bd0d61ca61178272deb2141aa5b27
- SSDEEP
  
  12288:2GcoX53l4xf/LY80pUX4DwJ2+B05OEkz4+WqEe4/sVO:IaKfTgk4E4+O4lz4Fe
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2