0b2f3545bef7b79f45858e159d3a303e38e55aa4043ba1634e7a9a5889a3b778 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a8af68c48bad54a001d5552122704f7_JaffaCakes118
Size

535KB
Sample

241009-enx1qaydrh
MD5

2a8af68c48bad54a001d5552122704f7
SHA1

635d6c4834a595765dbce530970c08b0bb2022ff
SHA256

0b2f3545bef7b79f45858e159d3a303e38e55aa4043ba1634e7a9a5889a3b778
SHA512

5f989fee4ff61c8cd167ce964a659e76e2cc56fe99900bbd07ac0e953f585e76066f84fc4fe46e1fb661f0438ddeb82407c4c5c0cc0058cbae93db519cb24a49
SSDEEP

12288:FcYJbZlJWwVkSyN8h5EdSFiZJH0Zo//obQr5n8qh:kSYEFiZJUpQr5n8qh

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2a8af68c48bad54a001d5552122704f7_JaffaCakes118
- Size
  
  535KB
- MD5
  
  2a8af68c48bad54a001d5552122704f7
- SHA1
  
  635d6c4834a595765dbce530970c08b0bb2022ff
- SHA256
  
  0b2f3545bef7b79f45858e159d3a303e38e55aa4043ba1634e7a9a5889a3b778
- SHA512
  
  5f989fee4ff61c8cd167ce964a659e76e2cc56fe99900bbd07ac0e953f585e76066f84fc4fe46e1fb661f0438ddeb82407c4c5c0cc0058cbae93db519cb24a49
- SSDEEP
  
  12288:FcYJbZlJWwVkSyN8h5EdSFiZJH0Zo//obQr5n8qh:kSYEFiZJUpQr5n8qh
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2