04694e1e39b491903930300faf0269534fadda9e69f765e995a7ed5a7db0a30a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f55d9cea27f156776f55cfd07951cfd6_JaffaCakes118
Size

263KB
Sample

240925-gxksvssdlh
MD5

f55d9cea27f156776f55cfd07951cfd6
SHA1

24ea50221749154b00c04c02ad78353fca8bb759
SHA256

04694e1e39b491903930300faf0269534fadda9e69f765e995a7ed5a7db0a30a
SHA512

db2d982b2111f726dec97b0ab6ba26fadff24b2bcccc9af7834c5e3bc8a954217ffa92107b25324e0fc85bc981f0aef0681ad69bcb791a1309356ad5a905bbe5
SSDEEP

3072:jjkKZWygHY/PlI4pNsDhKhlLXIvWt8OhE025grUN9r+xmI3VeiYxfCpzDnY07VGv:Pn04pqdgXIvWuylfrUiNNDnXVGCa

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f55d9cea27f156776f55cfd07951cfd6_JaffaCakes118
- Size
  
  263KB
- MD5
  
  f55d9cea27f156776f55cfd07951cfd6
- SHA1
  
  24ea50221749154b00c04c02ad78353fca8bb759
- SHA256
  
  04694e1e39b491903930300faf0269534fadda9e69f765e995a7ed5a7db0a30a
- SHA512
  
  db2d982b2111f726dec97b0ab6ba26fadff24b2bcccc9af7834c5e3bc8a954217ffa92107b25324e0fc85bc981f0aef0681ad69bcb791a1309356ad5a905bbe5
- SSDEEP
  
  3072:jjkKZWygHY/PlI4pNsDhKhlLXIvWt8OhE025grUN9r+xmI3VeiYxfCpzDnY07VGv:Pn04pqdgXIvWuylfrUiNNDnXVGCa
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2