31fc67e691f97496404ee6db955aecf0ed15a620270637433b7ec182f441e508 | Triage

Sharing

General

Target

65b8821bec26f4abf1432db31fa8275c_JaffaCakes118
Size

2.2MB
Sample

240522-c4pyyahg9t
MD5

65b8821bec26f4abf1432db31fa8275c
SHA1

f8078d74f99215df8c3af09c809e0902145edb29
SHA256

31fc67e691f97496404ee6db955aecf0ed15a620270637433b7ec182f441e508
SHA512

aeff427113d366c38cb9c9e0633f2ab8fd7a1576c0fddb64aeb40d1b0aef82e619542600b78a9508f962c12653ca770ec1736466e7cc025792f9e4f58a726727
SSDEEP

49152:2rIDRWlhI7kmA9CVPuPzXrUgW9JLUgF+p:2ORWDI7kXCVPtTs

Score

7^/10

Malware Config

Targets

- Target
  
  65b8821bec26f4abf1432db31fa8275c_JaffaCakes118
- Size
  
  2.2MB
- MD5
  
  65b8821bec26f4abf1432db31fa8275c
- SHA1
  
  f8078d74f99215df8c3af09c809e0902145edb29
- SHA256
  
  31fc67e691f97496404ee6db955aecf0ed15a620270637433b7ec182f441e508
- SHA512
  
  aeff427113d366c38cb9c9e0633f2ab8fd7a1576c0fddb64aeb40d1b0aef82e619542600b78a9508f962c12653ca770ec1736466e7cc025792f9e4f58a726727
- SSDEEP
  
  49152:2rIDRWlhI7kmA9CVPuPzXrUgW9JLUgF+p:2ORWDI7kXCVPtTs
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2