554b13509775e740da29e1f0410f2dab4273ea313b011614005a3ac4be355841 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

728f7d6f279e63252728a5ea7fb0e73a_JaffaCakes118
Size

14KB
Sample

240726-exh8xswcpr
MD5

728f7d6f279e63252728a5ea7fb0e73a
SHA1

fe8b6e9a07c6f70a5c4498fdc1a373179c4e9182
SHA256

554b13509775e740da29e1f0410f2dab4273ea313b011614005a3ac4be355841
SHA512

c70446fdda0588bf498d63bded2e30e5ea74676a8f1f79f1b4e587859f9b8b12f12b5da598d1ccc89197a619a65771646d60c2cd2b1ce3b72650d5b27cc78829
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYl1X:hDXWipuE+K3/SSHgxml5

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  728f7d6f279e63252728a5ea7fb0e73a_JaffaCakes118
- Size
  
  14KB
- MD5
  
  728f7d6f279e63252728a5ea7fb0e73a
- SHA1
  
  fe8b6e9a07c6f70a5c4498fdc1a373179c4e9182
- SHA256
  
  554b13509775e740da29e1f0410f2dab4273ea313b011614005a3ac4be355841
- SHA512
  
  c70446fdda0588bf498d63bded2e30e5ea74676a8f1f79f1b4e587859f9b8b12f12b5da598d1ccc89197a619a65771646d60c2cd2b1ce3b72650d5b27cc78829
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYl1X:hDXWipuE+K3/SSHgxml5
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2