dcc1a2c289df3190fb94ba87c05d79178882c08b410d333b8e4c3d79745dbabd | Triage

Sharing

General

Target

d11f8a8b4687e40493fb9be94efb401f_JaffaCakes118
Size

20KB
Sample

240405-mgke2saa95
MD5

d11f8a8b4687e40493fb9be94efb401f
SHA1

7523c6c53d85bc5714352a5445c53bf8102be324
SHA256

dcc1a2c289df3190fb94ba87c05d79178882c08b410d333b8e4c3d79745dbabd
SHA512

2c9a056aed15fc6c102014cb05e498bcf5d9a2f93d3aba85abf92cfaeb07ebc99f4072fe52b13905348fcb401cf23dd5b445e0b3cb88fb9d10cac61c0e81a221
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMxX1pH:hDXWipuE+K3/SSHgxmH9v

Score

7^/10

Malware Config

Targets

- Target
  
  d11f8a8b4687e40493fb9be94efb401f_JaffaCakes118
- Size
  
  20KB
- MD5
  
  d11f8a8b4687e40493fb9be94efb401f
- SHA1
  
  7523c6c53d85bc5714352a5445c53bf8102be324
- SHA256
  
  dcc1a2c289df3190fb94ba87c05d79178882c08b410d333b8e4c3d79745dbabd
- SHA512
  
  2c9a056aed15fc6c102014cb05e498bcf5d9a2f93d3aba85abf92cfaeb07ebc99f4072fe52b13905348fcb401cf23dd5b445e0b3cb88fb9d10cac61c0e81a221
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMxX1pH:hDXWipuE+K3/SSHgxmH9v
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2