0bc632379f3e05ae529a1c1e72e4b1e878bc95ac8ff67785c57396713c7973e9 | Triage

Sharing

General

Target

ebb42addcac9fd0f483278f6e9076d98_JaffaCakes118
Size

1.2MB
Sample

240919-tm8s6ayakq
MD5

ebb42addcac9fd0f483278f6e9076d98
SHA1

e069641ff978cbdccbfd8bae7002c203bcee9fde
SHA256

0bc632379f3e05ae529a1c1e72e4b1e878bc95ac8ff67785c57396713c7973e9
SHA512

1865f497291bd994787ec1332219423b8a334df379326eccda99e3931a471a9eae2f7c78cc9717b1aa4119a71d0b8dfbd85f35f0c8538d011c5e516e001bffde
SSDEEP

24576:DJ/o8TTk9wlSZMDJWY6KEsxKMoV0VbXDedVQwJYz/X:DuwqMNQKKMoV0xXDe7QwJYz/X

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ebb42addcac9fd0f483278f6e9076d98_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  ebb42addcac9fd0f483278f6e9076d98
- SHA1
  
  e069641ff978cbdccbfd8bae7002c203bcee9fde
- SHA256
  
  0bc632379f3e05ae529a1c1e72e4b1e878bc95ac8ff67785c57396713c7973e9
- SHA512
  
  1865f497291bd994787ec1332219423b8a334df379326eccda99e3931a471a9eae2f7c78cc9717b1aa4119a71d0b8dfbd85f35f0c8538d011c5e516e001bffde
- SSDEEP
  
  24576:DJ/o8TTk9wlSZMDJWY6KEsxKMoV0VbXDedVQwJYz/X:DuwqMNQKKMoV0xXDe7QwJYz/X
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2