256cf9b068c9db92d6a70ca4c3ce99c40a64a3571ec4743f282c65297ce5e1a5 | Triage

Sharing

General

Target

63c69afe79522f175ac1811470df2b0d_JaffaCakes118
Size

448KB
Sample

240521-sszl1aad6v
MD5

63c69afe79522f175ac1811470df2b0d
SHA1

e4720022b62f2e52c594b2c792094262f019bd9c
SHA256

256cf9b068c9db92d6a70ca4c3ce99c40a64a3571ec4743f282c65297ce5e1a5
SHA512

ebd00a9a9654d611f1969d69e253d09ba8ac41a3f2ca194706294e170a90a3ade47dc3551a468e7246ed81cf446b0763aa5c0327ea21a7a964a1f88e12da291f
SSDEEP

6144:d0PCRT5LgXEhN7th62W4hPpmM7wyxGV6jQ6100nmK1r8iw49cCiKkYxn:XgXEhxth62phxB7wyxGV6Z/4N49cCrRn

Score

7^/10

Malware Config

Targets

- Target
  
  63c69afe79522f175ac1811470df2b0d_JaffaCakes118
- Size
  
  448KB
- MD5
  
  63c69afe79522f175ac1811470df2b0d
- SHA1
  
  e4720022b62f2e52c594b2c792094262f019bd9c
- SHA256
  
  256cf9b068c9db92d6a70ca4c3ce99c40a64a3571ec4743f282c65297ce5e1a5
- SHA512
  
  ebd00a9a9654d611f1969d69e253d09ba8ac41a3f2ca194706294e170a90a3ade47dc3551a468e7246ed81cf446b0763aa5c0327ea21a7a964a1f88e12da291f
- SSDEEP
  
  6144:d0PCRT5LgXEhN7th62W4hPpmM7wyxGV6jQ6100nmK1r8iw49cCiKkYxn:XgXEhxth62phxB7wyxGV6Z/4N49cCrRn
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2