ad3b51e72dc5f0ba7eba7759467a29e087a401c5b9c1529cedee0c3302ebc779 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3098ef033f7b9d1cf78d50f3a9360bec_JaffaCakes118
Size

386KB
Sample

240709-qxkyaswglp
MD5

3098ef033f7b9d1cf78d50f3a9360bec
SHA1

91ba6c66e5ce189cc718ce4c8c308300c049e72d
SHA256

ad3b51e72dc5f0ba7eba7759467a29e087a401c5b9c1529cedee0c3302ebc779
SHA512

4e7e12e0ef2655dea0e2b40b6769b84a6171cedd4d78e743ed4c858e5c3244845fe374b4b5c24cc4bdb48b4487ac46b323dc4e7dc39f641ee4d1d62c0212c3a2
SSDEEP

6144:f4lRkAehaKuqT+FM2ed9s9uSfg+BgAOYhDNsN8KZc6Q/Z+5UMiP5Ym:fkWAehJuqT7vsQSfNEYrracyTiGm

Score

7^/10

Malware Config

Targets

- Target
  
  3098ef033f7b9d1cf78d50f3a9360bec_JaffaCakes118
- Size
  
  386KB
- MD5
  
  3098ef033f7b9d1cf78d50f3a9360bec
- SHA1
  
  91ba6c66e5ce189cc718ce4c8c308300c049e72d
- SHA256
  
  ad3b51e72dc5f0ba7eba7759467a29e087a401c5b9c1529cedee0c3302ebc779
- SHA512
  
  4e7e12e0ef2655dea0e2b40b6769b84a6171cedd4d78e743ed4c858e5c3244845fe374b4b5c24cc4bdb48b4487ac46b323dc4e7dc39f641ee4d1d62c0212c3a2
- SSDEEP
  
  6144:f4lRkAehaKuqT+FM2ed9s9uSfg+BgAOYhDNsN8KZc6Q/Z+5UMiP5Ym:fkWAehJuqT7vsQSfNEYrracyTiGm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2