02e8831f310141d1f328f6b23c9151ccbb4fa770c426e101fee38012c675eaf4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

705c402e71db963638b913cbc73cb561_JaffaCakes118
Size

250KB
Sample

240725-txye6svblb
MD5

705c402e71db963638b913cbc73cb561
SHA1

45c0dd0455f5c4bf84b470504781827aba71e06c
SHA256

02e8831f310141d1f328f6b23c9151ccbb4fa770c426e101fee38012c675eaf4
SHA512

39e7e737e1f0268fd874e39b1b92f1b6d3a4a3e0050cac62b68b23481379b8930896b138bb94a02579865d789facc007f9ec8a888d27fd1cc97f38669d15dc4b
SSDEEP

6144:BiqvdXjtwTcu6rsgAIPn+eq2QLib6fEOXCIq2QLibM:BigdX5wIigHJbHOXCcbM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  705c402e71db963638b913cbc73cb561_JaffaCakes118
- Size
  
  250KB
- MD5
  
  705c402e71db963638b913cbc73cb561
- SHA1
  
  45c0dd0455f5c4bf84b470504781827aba71e06c
- SHA256
  
  02e8831f310141d1f328f6b23c9151ccbb4fa770c426e101fee38012c675eaf4
- SHA512
  
  39e7e737e1f0268fd874e39b1b92f1b6d3a4a3e0050cac62b68b23481379b8930896b138bb94a02579865d789facc007f9ec8a888d27fd1cc97f38669d15dc4b
- SSDEEP
  
  6144:BiqvdXjtwTcu6rsgAIPn+eq2QLib6fEOXCIq2QLibM:BigdX5wIigHJbHOXCcbM
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2