970a78f232422b9336b0161315ed6ebe66a552ef206dcbc0cd4cfc8463d06fc7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db1cbe7da05af565afcb9d7170004e9a_JaffaCakes118
Size

20KB
Sample

240405-wstmjaaf9y
MD5

db1cbe7da05af565afcb9d7170004e9a
SHA1

689851034be4d95a45494ae1a1cddd26985a797c
SHA256

970a78f232422b9336b0161315ed6ebe66a552ef206dcbc0cd4cfc8463d06fc7
SHA512

c2752a58b64bb47266a803454d3f1fefaa726b1e884765ff05b6ed2ab57512243a626bed95ce22a618a556e1f60a0ea33f0dd10753d4d0827ce92f042fa22d7b
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx2CnkT:hDXWipuE+K3/SSHgxmHEpT

Score

7^/10

Malware Config

Targets

- Target
  
  db1cbe7da05af565afcb9d7170004e9a_JaffaCakes118
- Size
  
  20KB
- MD5
  
  db1cbe7da05af565afcb9d7170004e9a
- SHA1
  
  689851034be4d95a45494ae1a1cddd26985a797c
- SHA256
  
  970a78f232422b9336b0161315ed6ebe66a552ef206dcbc0cd4cfc8463d06fc7
- SHA512
  
  c2752a58b64bb47266a803454d3f1fefaa726b1e884765ff05b6ed2ab57512243a626bed95ce22a618a556e1f60a0ea33f0dd10753d4d0827ce92f042fa22d7b
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx2CnkT:hDXWipuE+K3/SSHgxmHEpT
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2