a3ca2b8885d1b3e8ea2d88176fec2313b8e56b6eb27a58b2ee63624df9ec5cd4 | Triage

Sharing

General

Target

00f89b419204391da82c83f58c5c0374_JaffaCakes118
Size

18KB
Sample

240727-ztnpfsydnr
MD5

00f89b419204391da82c83f58c5c0374
SHA1

3a9d452424dc80c83e9bcd31ba4e67b695df70c5
SHA256

a3ca2b8885d1b3e8ea2d88176fec2313b8e56b6eb27a58b2ee63624df9ec5cd4
SHA512

b21e7aaad69d81e77584abb951e657f751bcc53502233f8d07669efb65e7c71ec620419df1e3375c656ed3d4ad207dfdf2ee5780bb5e9d87ac6d1e96ab628cad
SSDEEP

192:WHO6V6CXZSYp0aiZni8jt7lz4eUNsU9mH+1TKnaEjb01z1b0OBkE9zczy89f5nq3:W6CpSYp0ai1jf4eVFra8w1oOBkYgRIoy

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  00f89b419204391da82c83f58c5c0374_JaffaCakes118
- Size
  
  18KB
- MD5
  
  00f89b419204391da82c83f58c5c0374
- SHA1
  
  3a9d452424dc80c83e9bcd31ba4e67b695df70c5
- SHA256
  
  a3ca2b8885d1b3e8ea2d88176fec2313b8e56b6eb27a58b2ee63624df9ec5cd4
- SHA512
  
  b21e7aaad69d81e77584abb951e657f751bcc53502233f8d07669efb65e7c71ec620419df1e3375c656ed3d4ad207dfdf2ee5780bb5e9d87ac6d1e96ab628cad
- SSDEEP
  
  192:WHO6V6CXZSYp0aiZni8jt7lz4eUNsU9mH+1TKnaEjb01z1b0OBkE9zczy89f5nq3:W6CpSYp0ai1jf4eVFra8w1oOBkYgRIoy
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2