6fb424df170206a28a96e8234701bdf0bbc4642c9257bae68194650a1a92972b | Triage

Sharing

General

Target

65dd5595a227f633a79747be3731f163_JaffaCakes118
Size

7.8MB
Sample

240522-d4drcaah7t
MD5

65dd5595a227f633a79747be3731f163
SHA1

43a94bc86441874c6897042ee11caef250b26268
SHA256

6fb424df170206a28a96e8234701bdf0bbc4642c9257bae68194650a1a92972b
SHA512

e6a79fd649e2cf50bb408b761b435e230c1bc271487a45ebcc883ea025b41efbdfe2c722031efe6dc61a46adb4f480a47d1023f4565a07da5a0a60b28fe2a56e
SSDEEP

196608:aG5k/h3pNMT4gUdpYX8E8S6dsAYiMCQFB5g:v5mh3pppw8E8S6655g

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  65dd5595a227f633a79747be3731f163_JaffaCakes118
- Size
  
  7.8MB
- MD5
  
  65dd5595a227f633a79747be3731f163
- SHA1
  
  43a94bc86441874c6897042ee11caef250b26268
- SHA256
  
  6fb424df170206a28a96e8234701bdf0bbc4642c9257bae68194650a1a92972b
- SHA512
  
  e6a79fd649e2cf50bb408b761b435e230c1bc271487a45ebcc883ea025b41efbdfe2c722031efe6dc61a46adb4f480a47d1023f4565a07da5a0a60b28fe2a56e
- SSDEEP
  
  196608:aG5k/h3pNMT4gUdpYX8E8S6dsAYiMCQFB5g:v5mh3pppw8E8S6655g
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Software Discovery

Security Software Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2