906a687ef5b9e577b1c35792cb5fc02d258f4508cf386be83ce26efd15648539 | Triage

Sharing

General

Target

ead2372ac5779d6737eb9fa6a766067a_JaffaCakes118
Size

555KB
Sample

240919-hyztvawhqm
MD5

ead2372ac5779d6737eb9fa6a766067a
SHA1

6c604141cb6b03b9cad66b74078a9fbdf52b0aa5
SHA256

906a687ef5b9e577b1c35792cb5fc02d258f4508cf386be83ce26efd15648539
SHA512

d08b57aa43e0df06c0cc756584ad4dc6781d0c143c1faf4e89865a2d6629a96e7f98b17263668bb48f8530cdcc4848fafbf1be8bfb7c4d6a1d7e865174277af0
SSDEEP

12288:n5Ooq9fQ+qrcKHdy/pbAMTQDa8YYsv0ldgO:nIz9eAKkRbTTQW86vigO

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ead2372ac5779d6737eb9fa6a766067a_JaffaCakes118
- Size
  
  555KB
- MD5
  
  ead2372ac5779d6737eb9fa6a766067a
- SHA1
  
  6c604141cb6b03b9cad66b74078a9fbdf52b0aa5
- SHA256
  
  906a687ef5b9e577b1c35792cb5fc02d258f4508cf386be83ce26efd15648539
- SHA512
  
  d08b57aa43e0df06c0cc756584ad4dc6781d0c143c1faf4e89865a2d6629a96e7f98b17263668bb48f8530cdcc4848fafbf1be8bfb7c4d6a1d7e865174277af0
- SSDEEP
  
  12288:n5Ooq9fQ+qrcKHdy/pbAMTQDa8YYsv0ldgO:nIz9eAKkRbTTQW86vigO
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2