b77df89c3aa5eb76eaa3886c64738aa620c9d9594b9388edf16b6403f9387174 | Triage

Sharing

General

Target

3f2295166c2841b75a3990dbff5c3c80_JaffaCakes118
Size

2.6MB
Sample

240712-2ghnsatblq
MD5

3f2295166c2841b75a3990dbff5c3c80
SHA1

f325eeffcf59bd118a49c7554be234aab92a19a9
SHA256

b77df89c3aa5eb76eaa3886c64738aa620c9d9594b9388edf16b6403f9387174
SHA512

c3b21eb2d4c19128a2037061e557bcaf75d93f4737f0d9faebc123b796a89dc93ec739ee6912741eff0ccc3ad1ca7f46c4be3fc7e479bbbd96e0934f98ca3a4d
SSDEEP

49152:oDy796EvMtTx435MtV+On5vMNbcwO6m2zGKYraTh+ZTOdFrxviiBI1rk:f7AEvgVOA5WbcoHzGlr8h+5q4i3

Score

7^/10

Malware Config

Targets

- Target
  
  3f2295166c2841b75a3990dbff5c3c80_JaffaCakes118
- Size
  
  2.6MB
- MD5
  
  3f2295166c2841b75a3990dbff5c3c80
- SHA1
  
  f325eeffcf59bd118a49c7554be234aab92a19a9
- SHA256
  
  b77df89c3aa5eb76eaa3886c64738aa620c9d9594b9388edf16b6403f9387174
- SHA512
  
  c3b21eb2d4c19128a2037061e557bcaf75d93f4737f0d9faebc123b796a89dc93ec739ee6912741eff0ccc3ad1ca7f46c4be3fc7e479bbbd96e0934f98ca3a4d
- SSDEEP
  
  49152:oDy796EvMtTx435MtV+On5vMNbcwO6m2zGKYraTh+ZTOdFrxviiBI1rk:f7AEvgVOA5WbcoHzGlr8h+5q4i3
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2