1532d510863babf2935e0f3e6ffcf56140c92260d4f0ecf6cb1f0125868d8838 | Triage

Sharing

General

Target

6932af630f2ffbd2267a4b8576a33e6a_JaffaCakes118
Size

361KB
Sample

240523-a7dc7sfe85
MD5

6932af630f2ffbd2267a4b8576a33e6a
SHA1

6c113c6ab957fc188ffee30232f2481b9636402e
SHA256

1532d510863babf2935e0f3e6ffcf56140c92260d4f0ecf6cb1f0125868d8838
SHA512

f83aad3753e84c79b9ac666ace4321c1162c363da6c254178976a2f3d9a08af38eba0ae0a477b2567d9cc73b616ee302f3d1eada48d6b8400dc26a42fe4e379d
SSDEEP

6144:rgU633ZwSmJy7Lbii5bkgVuN+xSKV7Wkrsf7Lss2dA+wp5lUjpWUkZrpyN:rgJZwSmJSXikbkgaISKVM2dUU8U4i

Score

7^/10

Malware Config

Targets

- Target
  
  6932af630f2ffbd2267a4b8576a33e6a_JaffaCakes118
- Size
  
  361KB
- MD5
  
  6932af630f2ffbd2267a4b8576a33e6a
- SHA1
  
  6c113c6ab957fc188ffee30232f2481b9636402e
- SHA256
  
  1532d510863babf2935e0f3e6ffcf56140c92260d4f0ecf6cb1f0125868d8838
- SHA512
  
  f83aad3753e84c79b9ac666ace4321c1162c363da6c254178976a2f3d9a08af38eba0ae0a477b2567d9cc73b616ee302f3d1eada48d6b8400dc26a42fe4e379d
- SSDEEP
  
  6144:rgU633ZwSmJy7Lbii5bkgVuN+xSKV7Wkrsf7Lss2dA+wp5lUjpWUkZrpyN:rgJZwSmJSXikbkgaISKVM2dUU8U4i
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2