94230a66edf968de2ad38bf0dce3d450adb26194cef2a2d15f8a0d54dd10c6c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19cba72901f33de7b762f9788cc86038_JaffaCakes118
Size

371KB
Sample

240628-mkveesvbqg
MD5

19cba72901f33de7b762f9788cc86038
SHA1

c1df2246013881168c101306e989dbb401c284fe
SHA256

94230a66edf968de2ad38bf0dce3d450adb26194cef2a2d15f8a0d54dd10c6c7
SHA512

8b78d5522140e3c598b7fac222e652ad3522a944f84b9e68bcf7ca80937e20e1f4fb1e57e31978b58605af9dcc8bd6bd2c0c847faf0bef03132ca9962bff45fe
SSDEEP

6144:AKvf+NgElN4mrhteIf0vlA52FcaAhIBHDubRBxFEzwLlG+rPqdx6/LOO6NH3Cr1Q:z5GSmrrem2f8YIRPFEkLI+rnTOOeXC6

Score

7^/10

Malware Config

Targets

- Target
  
  19cba72901f33de7b762f9788cc86038_JaffaCakes118
- Size
  
  371KB
- MD5
  
  19cba72901f33de7b762f9788cc86038
- SHA1
  
  c1df2246013881168c101306e989dbb401c284fe
- SHA256
  
  94230a66edf968de2ad38bf0dce3d450adb26194cef2a2d15f8a0d54dd10c6c7
- SHA512
  
  8b78d5522140e3c598b7fac222e652ad3522a944f84b9e68bcf7ca80937e20e1f4fb1e57e31978b58605af9dcc8bd6bd2c0c847faf0bef03132ca9962bff45fe
- SSDEEP
  
  6144:AKvf+NgElN4mrhteIf0vlA52FcaAhIBHDubRBxFEzwLlG+rPqdx6/LOO6NH3Cr1Q:z5GSmrrem2f8YIRPFEkLI+rnTOOeXC6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2