0228358f09dbdd68b5fe8b554ddb8c66448e37f76825c64719946474058a38d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

820a2fbf02521cc216168c64e5964aec_JaffaCakes118
Size

224KB
Sample

240801-2r3rps1akq
MD5

820a2fbf02521cc216168c64e5964aec
SHA1

0748e3dfe373ffb6c4ac73608ac0996fd530ac50
SHA256

0228358f09dbdd68b5fe8b554ddb8c66448e37f76825c64719946474058a38d6
SHA512

632effbdbf1127270f6f9c28501dddc236f899756903405469628d8c697a6847c27d4f5271b0b1e65c1c749c84f39360b50b944dde46ea3df9319bbb18180eab
SSDEEP

6144:1cPDbOuy//oSj3b1jpwE9vApXGTWLyAe912PECr2yo:uPDSESr7vA1JLyP2PAyo

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  820a2fbf02521cc216168c64e5964aec_JaffaCakes118
- Size
  
  224KB
- MD5
  
  820a2fbf02521cc216168c64e5964aec
- SHA1
  
  0748e3dfe373ffb6c4ac73608ac0996fd530ac50
- SHA256
  
  0228358f09dbdd68b5fe8b554ddb8c66448e37f76825c64719946474058a38d6
- SHA512
  
  632effbdbf1127270f6f9c28501dddc236f899756903405469628d8c697a6847c27d4f5271b0b1e65c1c749c84f39360b50b944dde46ea3df9319bbb18180eab
- SSDEEP
  
  6144:1cPDbOuy//oSj3b1jpwE9vApXGTWLyAe912PECr2yo:uPDSESr7vA1JLyP2PAyo
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2