aafd5bd76f9203879e4dd30733505fc4b94d73eb47bb6c621d37d1ea2cd46748 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b6333f762148bf3076664b5358b3006_JaffaCakes118
Size

2.5MB
Sample

240715-zwevbs1hmc
MD5

4b6333f762148bf3076664b5358b3006
SHA1

4b271d2d9894cd1c66563c0463dd765129d400e9
SHA256

aafd5bd76f9203879e4dd30733505fc4b94d73eb47bb6c621d37d1ea2cd46748
SHA512

372292d5bd444876d680cde26b86c98b87a62dc7029c0741fa9f4e51b0ee65f75338e1d86243fe876e941b9d96ab84a17ac3cfe7196f5622ef4bba7aa8f7c833
SSDEEP

49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1r6:o7AEvgVOy29Ls3JslVYzjMO26if

Score

7^/10

Malware Config

Targets

- Target
  
  4b6333f762148bf3076664b5358b3006_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  4b6333f762148bf3076664b5358b3006
- SHA1
  
  4b271d2d9894cd1c66563c0463dd765129d400e9
- SHA256
  
  aafd5bd76f9203879e4dd30733505fc4b94d73eb47bb6c621d37d1ea2cd46748
- SHA512
  
  372292d5bd444876d680cde26b86c98b87a62dc7029c0741fa9f4e51b0ee65f75338e1d86243fe876e941b9d96ab84a17ac3cfe7196f5622ef4bba7aa8f7c833
- SSDEEP
  
  49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1r6:o7AEvgVOy29Ls3JslVYzjMO26if
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2