6bec258e312d8ba0fc41232beb984d1cdf4f12cf75b621bc5802ea8b1827573a | Triage

Sharing

General

Target

3c4bcaa926c744b2dc4092f169dc4fff_JaffaCakes118
Size

30KB
Sample

240712-g6n7mssamj
MD5

3c4bcaa926c744b2dc4092f169dc4fff
SHA1

10a9085984bb1bbc0afb3344409b7e8f33adbbf0
SHA256

6bec258e312d8ba0fc41232beb984d1cdf4f12cf75b621bc5802ea8b1827573a
SHA512

a3178ff5f78aa9f4e30923e5679e9a82c0fbbc52571775cb2a0f5c953c8e64d4716b9493beba938ba2f01c44cbdc2b25e57247ea5a0c540b437b204a91879734
SSDEEP

384:7GOFevQdOAOgIYKn6VQ1s7I7LhBPa8tbQf5umaIDZju6IIJ7firU+7TG:7GOiTNnaE7Vg8MkIQ63ur8

Score

7^/10

Malware Config

Targets

- Target
  
  3c4bcaa926c744b2dc4092f169dc4fff_JaffaCakes118
- Size
  
  30KB
- MD5
  
  3c4bcaa926c744b2dc4092f169dc4fff
- SHA1
  
  10a9085984bb1bbc0afb3344409b7e8f33adbbf0
- SHA256
  
  6bec258e312d8ba0fc41232beb984d1cdf4f12cf75b621bc5802ea8b1827573a
- SHA512
  
  a3178ff5f78aa9f4e30923e5679e9a82c0fbbc52571775cb2a0f5c953c8e64d4716b9493beba938ba2f01c44cbdc2b25e57247ea5a0c540b437b204a91879734
- SSDEEP
  
  384:7GOFevQdOAOgIYKn6VQ1s7I7LhBPa8tbQf5umaIDZju6IIJ7firU+7TG:7GOiTNnaE7Vg8MkIQ63ur8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2