ea52fc4f8ef646b80bd56cd49cef4ef2d3bffd18d9c784b48daa3adfca71dea7 | Triage

Sharing

General

Target

ebb6c2142758fcc6d4f7a6e89ec80b4a_JaffaCakes118
Size

650KB
Sample

240919-tq5kxaybnn
MD5

ebb6c2142758fcc6d4f7a6e89ec80b4a
SHA1

b39e3ce8da872684a04ea1766c2687ed2e1f1b22
SHA256

ea52fc4f8ef646b80bd56cd49cef4ef2d3bffd18d9c784b48daa3adfca71dea7
SHA512

a0751ec83380998e2ee320f47b7323d4fa561bfa907ec7c06e2d102001e7f77dd8e9a3999519d33f7e8f6a691feda62c4b6ac90994e731e76a5f454863149c16
SSDEEP

12288:R8SIdgnkr8uiifiN9dujuZDsOcKNZ6mHtziqH3VjuQKy0jGC:yRAYuMeu6Fs1m8qloyY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ebb6c2142758fcc6d4f7a6e89ec80b4a_JaffaCakes118
- Size
  
  650KB
- MD5
  
  ebb6c2142758fcc6d4f7a6e89ec80b4a
- SHA1
  
  b39e3ce8da872684a04ea1766c2687ed2e1f1b22
- SHA256
  
  ea52fc4f8ef646b80bd56cd49cef4ef2d3bffd18d9c784b48daa3adfca71dea7
- SHA512
  
  a0751ec83380998e2ee320f47b7323d4fa561bfa907ec7c06e2d102001e7f77dd8e9a3999519d33f7e8f6a691feda62c4b6ac90994e731e76a5f454863149c16
- SSDEEP
  
  12288:R8SIdgnkr8uiifiN9dujuZDsOcKNZ6mHtziqH3VjuQKy0jGC:yRAYuMeu6Fs1m8qloyY
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2