1875cbf814255c5e56c0f1ae3cc4885954be13472b95f0929ae5061283fb236a | Triage

Sharing

General

Target

fc79ffff79e2783d8dd63b2f1c8ff632_JaffaCakes118
Size

2.5MB
Sample

240928-rmk1zssfre
MD5

fc79ffff79e2783d8dd63b2f1c8ff632
SHA1

4294c9967c4be8a7c89aa970087e4ff302bdeb45
SHA256

1875cbf814255c5e56c0f1ae3cc4885954be13472b95f0929ae5061283fb236a
SHA512

4e99efd5c5bf6ee38e56218459f3f4de6bc901a0f8e61e0e9dc6c5bfb0b0d716a11cad7d78fcdb784e170c14a6240b5e01860e949462438ccac57e6291984c30
SSDEEP

49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rn:o7AEvgVOy29Ls3JslVYzjMO26iW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  fc79ffff79e2783d8dd63b2f1c8ff632_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  fc79ffff79e2783d8dd63b2f1c8ff632
- SHA1
  
  4294c9967c4be8a7c89aa970087e4ff302bdeb45
- SHA256
  
  1875cbf814255c5e56c0f1ae3cc4885954be13472b95f0929ae5061283fb236a
- SHA512
  
  4e99efd5c5bf6ee38e56218459f3f4de6bc901a0f8e61e0e9dc6c5bfb0b0d716a11cad7d78fcdb784e170c14a6240b5e01860e949462438ccac57e6291984c30
- SSDEEP
  
  49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rn:o7AEvgVOy29Ls3JslVYzjMO26iW
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2