8817a4c72f1003d33b5e46cd2e1926ae8a90ea074906c105ff29bcd82569fbe1 | Triage

Sharing

General

Target

70b8d479a17bcf83d42af2c2ac594ef4_JaffaCakes118
Size

423KB
Sample

240725-wz1dnazdke
MD5

70b8d479a17bcf83d42af2c2ac594ef4
SHA1

23379f6d2162ef6858bb52659e9cafd8a90135d3
SHA256

8817a4c72f1003d33b5e46cd2e1926ae8a90ea074906c105ff29bcd82569fbe1
SHA512

09aab3a5d80cc9788fc78baedf8166c61bca5c09a1732db88e26b634f741c44acc8656d79c36f6eefddb251cf42a9e2b04777c646bb6399a2825c7b2609a56b6
SSDEEP

12288:gutrzh9xOXkPNdFRqmFecn8lpy7OehLBHiSe:gutr5OUPTumF3nopy7OcLJiSe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  70b8d479a17bcf83d42af2c2ac594ef4_JaffaCakes118
- Size
  
  423KB
- MD5
  
  70b8d479a17bcf83d42af2c2ac594ef4
- SHA1
  
  23379f6d2162ef6858bb52659e9cafd8a90135d3
- SHA256
  
  8817a4c72f1003d33b5e46cd2e1926ae8a90ea074906c105ff29bcd82569fbe1
- SHA512
  
  09aab3a5d80cc9788fc78baedf8166c61bca5c09a1732db88e26b634f741c44acc8656d79c36f6eefddb251cf42a9e2b04777c646bb6399a2825c7b2609a56b6
- SSDEEP
  
  12288:gutrzh9xOXkPNdFRqmFecn8lpy7OehLBHiSe:gutr5OUPTumF3nopy7OcLJiSe
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2