c1c9e703e13fd8c4bb6f92d56adada2b8850edc0e83758daa2e7788256c7631c | Triage

Sharing

General

Target

31f9df1458239be365b6dfba522d4cca_JaffaCakes118
Size

2.5MB
Sample

240709-zya9xswbnm
MD5

31f9df1458239be365b6dfba522d4cca
SHA1

4ec899810aeb5729aa5c2b10992c487851477f60
SHA256

c1c9e703e13fd8c4bb6f92d56adada2b8850edc0e83758daa2e7788256c7631c
SHA512

92d9b9d0d96bf01d816d91ffef4182aac5ba259ccabbaf4f4a7f78fd7064f8f4ad1f4439248a314ef29d946e2bee20800fa01a0be958247613d0ab82dbd161b6
SSDEEP

49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rL:o7AEvgVOy29Ls3JslVYzjMO26iu

Score

7^/10

Malware Config

Targets

- Target
  
  31f9df1458239be365b6dfba522d4cca_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  31f9df1458239be365b6dfba522d4cca
- SHA1
  
  4ec899810aeb5729aa5c2b10992c487851477f60
- SHA256
  
  c1c9e703e13fd8c4bb6f92d56adada2b8850edc0e83758daa2e7788256c7631c
- SHA512
  
  92d9b9d0d96bf01d816d91ffef4182aac5ba259ccabbaf4f4a7f78fd7064f8f4ad1f4439248a314ef29d946e2bee20800fa01a0be958247613d0ab82dbd161b6
- SSDEEP
  
  49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rL:o7AEvgVOy29Ls3JslVYzjMO26iu
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2