804b5e19f2f064b73fd2d4acbb24d585c0c2de15a39fbea1dbcc9543c0cffee2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3047a06e4d4b7cceb1844f6141d208c6_JaffaCakes118
Size

64KB
Sample

241010-rht34azbjb
MD5

3047a06e4d4b7cceb1844f6141d208c6
SHA1

67fcb830a1e7841e0cebae4387ceda98b3f92638
SHA256

804b5e19f2f064b73fd2d4acbb24d585c0c2de15a39fbea1dbcc9543c0cffee2
SHA512

e732f22ab9c257d68abdcbd1d9053f1562ae1bbef8ecceaa8ccadb61ff58720e5b63bdee75d42aab7f7fd93549af5a1c7beac45c0ac8217fae45abba0a7c61dd
SSDEEP

1536:L4y9pX9WlEhainJOTBTZQ05N/ySn8i/nO7f6LpxdqwG/UVX06ACZ+aw8Il:LxRhEF5N/ySS6j+aw8Il

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3047a06e4d4b7cceb1844f6141d208c6_JaffaCakes118
- Size
  
  64KB
- MD5
  
  3047a06e4d4b7cceb1844f6141d208c6
- SHA1
  
  67fcb830a1e7841e0cebae4387ceda98b3f92638
- SHA256
  
  804b5e19f2f064b73fd2d4acbb24d585c0c2de15a39fbea1dbcc9543c0cffee2
- SHA512
  
  e732f22ab9c257d68abdcbd1d9053f1562ae1bbef8ecceaa8ccadb61ff58720e5b63bdee75d42aab7f7fd93549af5a1c7beac45c0ac8217fae45abba0a7c61dd
- SSDEEP
  
  1536:L4y9pX9WlEhainJOTBTZQ05N/ySn8i/nO7f6LpxdqwG/UVX06ACZ+aw8Il:LxRhEF5N/ySS6j+aw8Il
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2