65696aef5dd6a69127dd7077008e5390469b190317688de16e94ccc243baa926 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02420928a10c645e07680f5fabf9a7c7_JaffaCakes118
Size

4.2MB
Sample

240328-lkh6qafc54
MD5

02420928a10c645e07680f5fabf9a7c7
SHA1

cfd390b39ee7b0c23e7d0594b5bb54bc11e23c4e
SHA256

65696aef5dd6a69127dd7077008e5390469b190317688de16e94ccc243baa926
SHA512

75fe04ce3fe25bee6ccb358da29b98a84b41e4730bf02f8b69bcdcc701a421fe83a017a0b2096b5f5cdd7e0876c04bdce9d1e8fac305587805106a78cbca5b47
SSDEEP

98304:oXB4uluJRmMg6QWlIpgi0rHqsih/mCqJ4B4uluG:ovsJR0TW6yiIKRhzqOsG

Score

7^/10

Malware Config

Targets

- Target
  
  02420928a10c645e07680f5fabf9a7c7_JaffaCakes118
- Size
  
  4.2MB
- MD5
  
  02420928a10c645e07680f5fabf9a7c7
- SHA1
  
  cfd390b39ee7b0c23e7d0594b5bb54bc11e23c4e
- SHA256
  
  65696aef5dd6a69127dd7077008e5390469b190317688de16e94ccc243baa926
- SHA512
  
  75fe04ce3fe25bee6ccb358da29b98a84b41e4730bf02f8b69bcdcc701a421fe83a017a0b2096b5f5cdd7e0876c04bdce9d1e8fac305587805106a78cbca5b47
- SSDEEP
  
  98304:oXB4uluJRmMg6QWlIpgi0rHqsih/mCqJ4B4uluG:ovsJR0TW6yiIKRhzqOsG
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2