49b9921524de854116895da348af8a102d654759048ccb4d052831c212867b96 | Triage

Sharing

General

Target

ea363ec3d656bc04d24ddc3dbf92a7f7_JaffaCakes118
Size

1.3MB
Sample

240918-3z2eaazfpj
MD5

ea363ec3d656bc04d24ddc3dbf92a7f7
SHA1

7d80a71ead84ee5c4d1bca3f33ca8ada269df064
SHA256

49b9921524de854116895da348af8a102d654759048ccb4d052831c212867b96
SHA512

e167ce69b2266605f55d65c0d104570f9b32167e4c4f83b1805f68e83d81fed06e4fd837234a4cc8e41c9ddbec37f46868e71e873a0d764ffc7133f71a7a6828
SSDEEP

24576:k2u6pZDxaVHFcfE3COlJ1o27d0jGy71w3AZNb3k924ZdltoZf627iYglam///LZR:D9pCYbOL627c91dbiTZ7tUfXiflamHFR

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ea363ec3d656bc04d24ddc3dbf92a7f7_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  ea363ec3d656bc04d24ddc3dbf92a7f7
- SHA1
  
  7d80a71ead84ee5c4d1bca3f33ca8ada269df064
- SHA256
  
  49b9921524de854116895da348af8a102d654759048ccb4d052831c212867b96
- SHA512
  
  e167ce69b2266605f55d65c0d104570f9b32167e4c4f83b1805f68e83d81fed06e4fd837234a4cc8e41c9ddbec37f46868e71e873a0d764ffc7133f71a7a6828
- SSDEEP
  
  24576:k2u6pZDxaVHFcfE3COlJ1o27d0jGy71w3AZNb3k924ZdltoZf627iYglam///LZR:D9pCYbOL627c91dbiTZ7tUfXiflamHFR
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2