026438b61f0cfaa5e53455fa92f237b4461a8294c34b6539c9f7441e2c76df17 | Triage

Sharing

General

Target

69148c404422afb8132b730c60ab148c_JaffaCakes118
Size

9.4MB
Sample

240523-aa8g3sea5x
MD5

69148c404422afb8132b730c60ab148c
SHA1

a3015192470f087894a33b15f0e930fd1c6c657f
SHA256

026438b61f0cfaa5e53455fa92f237b4461a8294c34b6539c9f7441e2c76df17
SHA512

ee7b50023468cdd2b193b50949947c8766e400b08c5389e93f53b10aca65dc3a02f071270b1fc91b07f7e596ad490b5de5e23e9c142ca2fdc6166f1ca8b1ba36
SSDEEP

196608:AGjEke3IVQgJmFWL6A775WaTB7U/nd+Qkok+7ZBEB1l7asw:AGYzoARAxWeGtkr1l7Zw

Score

8^/10

Malware Config

Targets

- Target
  
  69148c404422afb8132b730c60ab148c_JaffaCakes118
- Size
  
  9.4MB
- MD5
  
  69148c404422afb8132b730c60ab148c
- SHA1
  
  a3015192470f087894a33b15f0e930fd1c6c657f
- SHA256
  
  026438b61f0cfaa5e53455fa92f237b4461a8294c34b6539c9f7441e2c76df17
- SHA512
  
  ee7b50023468cdd2b193b50949947c8766e400b08c5389e93f53b10aca65dc3a02f071270b1fc91b07f7e596ad490b5de5e23e9c142ca2fdc6166f1ca8b1ba36
- SSDEEP
  
  196608:AGjEke3IVQgJmFWL6A775WaTB7U/nd+Qkok+7ZBEB1l7asw:AGYzoARAxWeGtkr1l7Zw
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2