e23daa109fc1d923876255b7d1fb4cf5b3704939212596b6ce0ba0c5bd799ec3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fe0edf4f07dc1a9d06da53c16478950_JaffaCakes118
Size

5.8MB
Sample

241003-v5ztms1ene
MD5

0fe0edf4f07dc1a9d06da53c16478950
SHA1

f7ca0cdd99edc7587994e2bc1769e85525851008
SHA256

e23daa109fc1d923876255b7d1fb4cf5b3704939212596b6ce0ba0c5bd799ec3
SHA512

c6db7d586546ce849a2064d1f60ba0bfe26a62c49f84071767fed2f782e36500908142d9ed5d61d52579daa1767072bc54f9608d0f5eb2fea40c3319e06a6663
SSDEEP

98304:NHvXdhFq9qV/ZXJM3s2ltYlkMnm0JjHbbjvF8IeuPhf5KWtzTAMpJRsHjonq0ZMF:NPXdTptZ5MftYez+nCIeut53DpJqHjmd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0fe0edf4f07dc1a9d06da53c16478950_JaffaCakes118
- Size
  
  5.8MB
- MD5
  
  0fe0edf4f07dc1a9d06da53c16478950
- SHA1
  
  f7ca0cdd99edc7587994e2bc1769e85525851008
- SHA256
  
  e23daa109fc1d923876255b7d1fb4cf5b3704939212596b6ce0ba0c5bd799ec3
- SHA512
  
  c6db7d586546ce849a2064d1f60ba0bfe26a62c49f84071767fed2f782e36500908142d9ed5d61d52579daa1767072bc54f9608d0f5eb2fea40c3319e06a6663
- SSDEEP
  
  98304:NHvXdhFq9qV/ZXJM3s2ltYlkMnm0JjHbbjvF8IeuPhf5KWtzTAMpJRsHjonq0ZMF:NPXdTptZ5MftYez+nCIeut53DpJqHjmd
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2