68d1f96a123b554ea613bfa29b68234e20910da2d1a74f209f1450175fe3c575 | Triage

Sharing

General

Target

2663c990a3e26ff0ac93a73cbdc17efb_JaffaCakes118
Size

1.2MB
Sample

241008-2c3hdsxelg
MD5

2663c990a3e26ff0ac93a73cbdc17efb
SHA1

ae0bd1c554c4e34e5877197669cf81850181a354
SHA256

68d1f96a123b554ea613bfa29b68234e20910da2d1a74f209f1450175fe3c575
SHA512

4ede647dc415f66f7dc7b3e308db5bcce3719c1a0dae52bcebe974740667112be7eebda029f1b179dde496c03a012f956d9e8b9aa88962ff8a30536836581990
SSDEEP

24576:CizQ6o/GQUmR5uc92mRG5vSb+BNtfbmlAxLD+Nld/TLMgH5snWTVBM+fFEhWVz7:CL/GQZh9DRGUb+jtfbm+xLDolds8dWdM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  QQũWww.8315.info.url
- Size
  
  260B
- MD5
  
  6506d7c90b5c626adacbf242958a888b
- SHA1
  
  1cec8a6baf6689147e02c1f221a3619a15417814
- SHA256
  
  3152fbd3d4f0f65bd0c7366d9a34ce681d2640dbd520e6f2435c88497ab9dc20
- SHA512
  
  b9071bc2bda0e59804da6abfd8c4bcd0ae011e0e3916278e466a48c53c12bff12c43d69c2ca761aa5e627537888b8f61459c5ed14959392a896e378a32dcfb09
Score

1^/10
behavioral1 behavioral2
- Target
  
  QQ.exe
- Size
  
  1.4MB
- MD5
  
  9f7931eb7d0b97adec9790b80c6ac1ce
- SHA1
  
  2e3b92380577951877e826ab09da2e13a2e256e0
- SHA256
  
  8b7586d66aa1af6ef7a7abba1d2e410fae5205c1fba8e620b432efa18a3da871
- SHA512
  
  2332ef85fa171edced01bb6f7e18d0ac228ab16a120fc268d88a0533ab4f7079596080bf990d606c268704f42bbc2bbabed87037ce4573476cac19c36361c23c
- SSDEEP
  
  24576:jhozpfjEkhu7o/oQUmR5Ek9GmV4RvlMml0xK4KH+NJd/TLWG9qcRmnWNVBM+TFQt:jho9/oQdd9TV48mmxKRHoJd2GIOlWj
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  װ.bat
- Size
  
  575B
- MD5
  
  e96b4199d39f8d9d186a89473493ada7
- SHA1
  
  4bf4fdc1772b0bf40fc5c0386ffae947e8b01120
- SHA256
  
  939a2280fb615a2bed488d0877944ab946c3413a11e2302f0313d94fd3d05c3b
- SHA512
  
  df04d9f07dc8bbec72059f4f2e22290083d4fc7c9178f8581ccbc626f9dcbbb29e1f0c1f5a5489053ca5217f9ec53910b078374de92e3650706ce28dab2c20bf
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6