6edd514674b7bc40d9ded2eaa7a84c9773627cc4810143227aa55c2f938e7f0e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07ad64ae834373a5c5c943e1dbcc9f1e_JaffaCakes118
Size

292KB
Sample

241001-2dbfasxdka
MD5

07ad64ae834373a5c5c943e1dbcc9f1e
SHA1

681a5b5c36ebb591d917a698879cbcafe2afa82a
SHA256

6edd514674b7bc40d9ded2eaa7a84c9773627cc4810143227aa55c2f938e7f0e
SHA512

3bf29ae10a596702ea2b4a0fe87ce027a88ed46c80eb5e337244f2935b19e0aa410e91a7eba934eb5da9ac653623356a71d33ab2a137773ffe76bd3ca9a2a013
SSDEEP

6144:qoBD6iz9BBwwPCM9MeaOsCSP26Vh9BgODLlV98io3PXlB25LtP71cYUG/z:qoGTI33765BgCLl3u3PXTyZxcYH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  07ad64ae834373a5c5c943e1dbcc9f1e_JaffaCakes118
- Size
  
  292KB
- MD5
  
  07ad64ae834373a5c5c943e1dbcc9f1e
- SHA1
  
  681a5b5c36ebb591d917a698879cbcafe2afa82a
- SHA256
  
  6edd514674b7bc40d9ded2eaa7a84c9773627cc4810143227aa55c2f938e7f0e
- SHA512
  
  3bf29ae10a596702ea2b4a0fe87ce027a88ed46c80eb5e337244f2935b19e0aa410e91a7eba934eb5da9ac653623356a71d33ab2a137773ffe76bd3ca9a2a013
- SSDEEP
  
  6144:qoBD6iz9BBwwPCM9MeaOsCSP26Vh9BgODLlV98io3PXlB25LtP71cYUG/z:qoGTI33765BgCLl3u3PXTyZxcYH
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2