dec22595f97394af02805cb3d2511a0971c66762ed2ad09fbf4b733d66abc364 | Triage

Sharing

General

Target

JaffaCakes118_981d1e8909230dad9feef356031c58be
Size

511KB
Sample

250204-zmhvmatkdl
MD5

981d1e8909230dad9feef356031c58be
SHA1

169a7a50cc071f03e3658a251cbe52fca37164f7
SHA256

dec22595f97394af02805cb3d2511a0971c66762ed2ad09fbf4b733d66abc364
SHA512

191dcdcb86507fad12e6898cf14aaf7726acf2614bc1a1f1cafb306abe345bee8a0a92904b7d4ac9776b502a75278af93b6c9d96066d9f6ac9799fdb853a77ab
SSDEEP

6144:7+7ZI4mIJds+ZBXh6fFGoXcgbEf9ekoFv:UmIY+Z1eGAcg4sfFv

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  JaffaCakes118_981d1e8909230dad9feef356031c58be
- Size
  
  511KB
- MD5
  
  981d1e8909230dad9feef356031c58be
- SHA1
  
  169a7a50cc071f03e3658a251cbe52fca37164f7
- SHA256
  
  dec22595f97394af02805cb3d2511a0971c66762ed2ad09fbf4b733d66abc364
- SHA512
  
  191dcdcb86507fad12e6898cf14aaf7726acf2614bc1a1f1cafb306abe345bee8a0a92904b7d4ac9776b502a75278af93b6c9d96066d9f6ac9799fdb853a77ab
- SSDEEP
  
  6144:7+7ZI4mIJds+ZBXh6fFGoXcgbEf9ekoFv:UmIY+Z1eGAcg4sfFv
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2