a9004ce06f4dc61a66972a2082ffd7b63614dc7bcb2072e262accbf119da0fc1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20d3c0daac0396f4e1d96b8550c17896_JaffaCakes118
Size

32KB
Sample

240703-davg1axhkn
MD5

20d3c0daac0396f4e1d96b8550c17896
SHA1

da86a9b13c6fd434e5195e2c1a7aa7a036a1d7e2
SHA256

a9004ce06f4dc61a66972a2082ffd7b63614dc7bcb2072e262accbf119da0fc1
SHA512

ee5be31dd1ef538bc0459fdfac7ff6c63e3af8f0a2dbc46e42d58407c79f469102c19cdda67e3c1a72054f065f4457c6bdda91c004862880f7fa9f27e1820c76
SSDEEP

384:lHNjOwJLA9FNW9ZpvMeRDL0yZLa3RlOKybtMkt4U8Vc9oCcqXlEl:lHNjOwpr90KXvPuUtdQ

Score

7^/10

Malware Config

Targets

- Target
  
  20d3c0daac0396f4e1d96b8550c17896_JaffaCakes118
- Size
  
  32KB
- MD5
  
  20d3c0daac0396f4e1d96b8550c17896
- SHA1
  
  da86a9b13c6fd434e5195e2c1a7aa7a036a1d7e2
- SHA256
  
  a9004ce06f4dc61a66972a2082ffd7b63614dc7bcb2072e262accbf119da0fc1
- SHA512
  
  ee5be31dd1ef538bc0459fdfac7ff6c63e3af8f0a2dbc46e42d58407c79f469102c19cdda67e3c1a72054f065f4457c6bdda91c004862880f7fa9f27e1820c76
- SSDEEP
  
  384:lHNjOwJLA9FNW9ZpvMeRDL0yZLa3RlOKybtMkt4U8Vc9oCcqXlEl:lHNjOwpr90KXvPuUtdQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2