a6424cc1d3efc519a6bc61eae187ab89378d374493695d5ce5a1d602eb79d223 | Triage

Sharing

General

Target

184cfc28e6a49dfc27f46882730d2046_JaffaCakes118
Size

7.7MB
Sample

240505-swz2yadh21
MD5

184cfc28e6a49dfc27f46882730d2046
SHA1

c0b3795db7c82ff0cd2bc947cb05465ed0f477a3
SHA256

a6424cc1d3efc519a6bc61eae187ab89378d374493695d5ce5a1d602eb79d223
SHA512

c1d600a417ee9123df580d1e5ca95cb8309e8d491fb9936ae215da5494e38fe95b1bec4d0990226a86a0fb514dc1a8051ce07fc6224eb494c8427308e7fe3fb4
SSDEEP

196608:VM+aiT7BM0DUl3HhCbd2CiFNIj51ZMe6JkFuyIDE4BCLp:eri5M0O0bdxKLJwyDDY

Score

7^/10

Malware Config

Targets

- Target
  
  itranslator.exe
- Size
  
  8.2MB
- MD5
  
  39c773dc1a684e370f8850487cd31eae
- SHA1
  
  7ecf60a864c35ee9f77c1ec5587f444070769ddb
- SHA256
  
  d2286a1d9143bcaeaeef5ced8ca3e33fac408bb6b6f8e636486e74d9d451456a
- SHA512
  
  5754fc5fe7f7b98de19475064f0e46cc718c65638a8d6b8018016a780912b6df825282a2c4ae812836fb3dc34f4f42d484001583ea6fecde300f87d250d32f8d
- SSDEEP
  
  196608:OTL4wY2cxPV4X1NC6ehoulK75jDvXRCvKERWY0qEOSLtQwpuC:wmPVQLtd7BXRyKEL03
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2