4b876e0df2482473c0e10c30815a93b21bdb409361c3628b7af65e507bb77d84 | Triage

Sharing

General

Target

264aa882e59df39d0dc7175249f505fe_JaffaCakes118
Size

41KB
Sample

240704-1et4cssenf
MD5

264aa882e59df39d0dc7175249f505fe
SHA1

2125b8bab88be608298faf5da9d0ab2fec5bae41
SHA256

4b876e0df2482473c0e10c30815a93b21bdb409361c3628b7af65e507bb77d84
SHA512

6c74c1d6b53e9ae1664001e57fbdfb78754ba3b0096516813f69723c311e614033f70054dab9a41cb12ec480cf6709a0a3ee15f5a7e9e3e912999c673a529284
SSDEEP

768:QIBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnooNE/W5dRV8:pW1ZIZqI9opm6AIHIjzmUhNzd

Score

7^/10

Malware Config

Targets

- Target
  
  264aa882e59df39d0dc7175249f505fe_JaffaCakes118
- Size
  
  41KB
- MD5
  
  264aa882e59df39d0dc7175249f505fe
- SHA1
  
  2125b8bab88be608298faf5da9d0ab2fec5bae41
- SHA256
  
  4b876e0df2482473c0e10c30815a93b21bdb409361c3628b7af65e507bb77d84
- SHA512
  
  6c74c1d6b53e9ae1664001e57fbdfb78754ba3b0096516813f69723c311e614033f70054dab9a41cb12ec480cf6709a0a3ee15f5a7e9e3e912999c673a529284
- SSDEEP
  
  768:QIBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnooNE/W5dRV8:pW1ZIZqI9opm6AIHIjzmUhNzd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2