01db040f498ed0b4b3df6337f1dd5ff472876bd70a72f96543966302ee97bfb8 | Triage

Sharing

General

Target

420973540d2d7fbde1d20890815eb81b_JaffaCakes118
Size

174KB
Sample

240713-rm127sthjr
MD5

420973540d2d7fbde1d20890815eb81b
SHA1

b39b10aa5800dd4ecb3f33855e48a38c8c5f0b93
SHA256

01db040f498ed0b4b3df6337f1dd5ff472876bd70a72f96543966302ee97bfb8
SHA512

7c6a5ba161ef4b3df885baed7cfd89fe39c9cd7be64f09241864603970b68983f314b25ebc06db78e6d0e6d62fd2ff85f43deabda952334c19d19a9a6bf80af0
SSDEEP

3072:scDV6Az1lWgFvYGnJd6KpZV3uTN9WU/G9B32w590Kqm/32nzNvI+x/tW:NQAKgFvYGJd6KpZV3uTN9WU/G9BGw59d

Score

7^/10

Malware Config

Targets

- Target
  
  420973540d2d7fbde1d20890815eb81b_JaffaCakes118
- Size
  
  174KB
- MD5
  
  420973540d2d7fbde1d20890815eb81b
- SHA1
  
  b39b10aa5800dd4ecb3f33855e48a38c8c5f0b93
- SHA256
  
  01db040f498ed0b4b3df6337f1dd5ff472876bd70a72f96543966302ee97bfb8
- SHA512
  
  7c6a5ba161ef4b3df885baed7cfd89fe39c9cd7be64f09241864603970b68983f314b25ebc06db78e6d0e6d62fd2ff85f43deabda952334c19d19a9a6bf80af0
- SSDEEP
  
  3072:scDV6Az1lWgFvYGnJd6KpZV3uTN9WU/G9B32w590Kqm/32nzNvI+x/tW:NQAKgFvYGJd6KpZV3uTN9WU/G9BGw59d
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2