09eea805d1b2907942d4e3c13eb386ce4973b80aed89f64055d299711a4e8824 | Triage

Sharing

General

Target

64b04d5c2a0621ce325b322fc3c09020_JaffaCakes118
Size

14KB
Sample

240722-y9qy3sxbnm
MD5

64b04d5c2a0621ce325b322fc3c09020
SHA1

1a9a91fdd060e3ee8c969eb725d6c456d9709bbe
SHA256

09eea805d1b2907942d4e3c13eb386ce4973b80aed89f64055d299711a4e8824
SHA512

21fbca94856bb975e6fbe07080b0ea0b4f44b0117056e3b8c28714a18141fed67c2abd24012c7bccb6072cff4bbd6446829a34e356c5511328d9fc97d32905c2
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yhv0:hDXWipuE+K3/SSHgxl0

Score

7^/10

Malware Config

Targets

- Target
  
  64b04d5c2a0621ce325b322fc3c09020_JaffaCakes118
- Size
  
  14KB
- MD5
  
  64b04d5c2a0621ce325b322fc3c09020
- SHA1
  
  1a9a91fdd060e3ee8c969eb725d6c456d9709bbe
- SHA256
  
  09eea805d1b2907942d4e3c13eb386ce4973b80aed89f64055d299711a4e8824
- SHA512
  
  21fbca94856bb975e6fbe07080b0ea0b4f44b0117056e3b8c28714a18141fed67c2abd24012c7bccb6072cff4bbd6446829a34e356c5511328d9fc97d32905c2
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yhv0:hDXWipuE+K3/SSHgxl0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2