044cdd8f019919db593b7cc3772ffeec63351180bfe37039cf38aad534621a3c | Triage

Sharing

General

Target

866218537f9d9f69459c3298985ff1e0_JaffaCakes118
Size

340KB
Sample

240810-rlsz7sxbne
MD5

866218537f9d9f69459c3298985ff1e0
SHA1

9756b8814c5a43e963d35e9ceff863074ef3fc13
SHA256

044cdd8f019919db593b7cc3772ffeec63351180bfe37039cf38aad534621a3c
SHA512

afc0e026b8bc6614c6812f01467f086c5b7da9108f7e62ea68a01b4a7a08129f91c7ab6c173fb4e6c419266dc31cc5837b7e5b5256b425ea7952ec36094f302b
SSDEEP

6144:djfflWp4znRKCLuXxvrS3Jd9WiwHHo3p:dj8p49KCL6xv+BCG

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  866218537f9d9f69459c3298985ff1e0_JaffaCakes118
- Size
  
  340KB
- MD5
  
  866218537f9d9f69459c3298985ff1e0
- SHA1
  
  9756b8814c5a43e963d35e9ceff863074ef3fc13
- SHA256
  
  044cdd8f019919db593b7cc3772ffeec63351180bfe37039cf38aad534621a3c
- SHA512
  
  afc0e026b8bc6614c6812f01467f086c5b7da9108f7e62ea68a01b4a7a08129f91c7ab6c173fb4e6c419266dc31cc5837b7e5b5256b425ea7952ec36094f302b
- SSDEEP
  
  6144:djfflWp4znRKCLuXxvrS3Jd9WiwHHo3p:dj8p49KCL6xv+BCG
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2