22b1aa39b2fdbe8b68590e87ea76f2c4669296c1e607d3a8b099e708425003a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6d7433724dbd240cec77dfb31f1a958_JaffaCakes118
Size

285KB
Sample

240613-1699nasdrd
MD5

a6d7433724dbd240cec77dfb31f1a958
SHA1

4a2c5666f3e9495eb96a631fe9224f303c1a8181
SHA256

22b1aa39b2fdbe8b68590e87ea76f2c4669296c1e607d3a8b099e708425003a8
SHA512

8c442744eb7e234a70a96223fe4cb2df0961d9098299dd84cc00e7b6b2a68ccebb51f9c4019372f74d6536379b375370eb4beb659d07489a8fa76094fb924852
SSDEEP

6144:CWBRxSp6Ytv4mI2mSK+QIBNyd/Qd9FWbr2ZX:CWBRxSp82mSBQd/AWH2B

Score

7^/10

Malware Config

Targets

- Target
  
  a6d7433724dbd240cec77dfb31f1a958_JaffaCakes118
- Size
  
  285KB
- MD5
  
  a6d7433724dbd240cec77dfb31f1a958
- SHA1
  
  4a2c5666f3e9495eb96a631fe9224f303c1a8181
- SHA256
  
  22b1aa39b2fdbe8b68590e87ea76f2c4669296c1e607d3a8b099e708425003a8
- SHA512
  
  8c442744eb7e234a70a96223fe4cb2df0961d9098299dd84cc00e7b6b2a68ccebb51f9c4019372f74d6536379b375370eb4beb659d07489a8fa76094fb924852
- SSDEEP
  
  6144:CWBRxSp6Ytv4mI2mSK+QIBNyd/Qd9FWbr2ZX:CWBRxSp82mSBQd/AWH2B
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2