1f18ac5b08e3d5a7fdc650867a876bcd21f9fde5b23a4de8ade853699eb0b326 | Triage

Sharing

General

Target

447a89c0c68b5173eaa1f59fffc55220_JaffaCakes118
Size

809KB
Sample

240714-f2vm7axhkl
MD5

447a89c0c68b5173eaa1f59fffc55220
SHA1

813377b6cb1086be6f93ce3f27c2f9a3efef84db
SHA256

1f18ac5b08e3d5a7fdc650867a876bcd21f9fde5b23a4de8ade853699eb0b326
SHA512

d536eff0265a210089a7d673002b59d2ac1439cb9751a4544e48015f44accdf9accdea09e4f678f2c35ce0f3a48d6a18cab3d710ecff0f08b214937fc8cd802e
SSDEEP

12288:kGz5971uu6q99/KqkNwdJ+0bAbRNNcd09dajXqShJaRuBcSc49onVY84PJgUONvx:/99SqKwd7AZAVWYBcSb9kVF4B2

Score

7^/10

Malware Config

Targets

- Target
  
  447a89c0c68b5173eaa1f59fffc55220_JaffaCakes118
- Size
  
  809KB
- MD5
  
  447a89c0c68b5173eaa1f59fffc55220
- SHA1
  
  813377b6cb1086be6f93ce3f27c2f9a3efef84db
- SHA256
  
  1f18ac5b08e3d5a7fdc650867a876bcd21f9fde5b23a4de8ade853699eb0b326
- SHA512
  
  d536eff0265a210089a7d673002b59d2ac1439cb9751a4544e48015f44accdf9accdea09e4f678f2c35ce0f3a48d6a18cab3d710ecff0f08b214937fc8cd802e
- SSDEEP
  
  12288:kGz5971uu6q99/KqkNwdJ+0bAbRNNcd09dajXqShJaRuBcSc49onVY84PJgUONvx:/99SqKwd7AZAVWYBcSb9kVF4B2
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2