2bd9fa4cfeba3e913fcfa395c616128cd0ed558daa5098a0a1f7b0dd02dcd970 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a5377c7be8fe817edbbb5cef0f55e9e_JaffaCakes118
Size

135KB
Sample

240628-qw33gsscpf
MD5

1a5377c7be8fe817edbbb5cef0f55e9e
SHA1

3690e4aece36a21ca4cd6a654eca31deb9804b47
SHA256

2bd9fa4cfeba3e913fcfa395c616128cd0ed558daa5098a0a1f7b0dd02dcd970
SHA512

c74bb72a3ab9e63bd71daf7ce1c41c72fab6162d43a9ecf38b30fa47c84e1d17c911074fe44e3feb91cd153838a9fe72221be0a8cfcd341452f96532b8ee8973
SSDEEP

3072:DRZ/l4QK+HpYpMkE9TrwRjiuQzlRwg9K8orFC/wiBz/eeS5o:D3/l4QjJYpMHV6//gY3rFC/NT7

Score

7^/10

Malware Config

Targets

- Target
  
  1a5377c7be8fe817edbbb5cef0f55e9e_JaffaCakes118
- Size
  
  135KB
- MD5
  
  1a5377c7be8fe817edbbb5cef0f55e9e
- SHA1
  
  3690e4aece36a21ca4cd6a654eca31deb9804b47
- SHA256
  
  2bd9fa4cfeba3e913fcfa395c616128cd0ed558daa5098a0a1f7b0dd02dcd970
- SHA512
  
  c74bb72a3ab9e63bd71daf7ce1c41c72fab6162d43a9ecf38b30fa47c84e1d17c911074fe44e3feb91cd153838a9fe72221be0a8cfcd341452f96532b8ee8973
- SSDEEP
  
  3072:DRZ/l4QK+HpYpMkE9TrwRjiuQzlRwg9K8orFC/wiBz/eeS5o:D3/l4QjJYpMHV6//gY3rFC/NT7
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2