a3b515cbe5c0623960a2b940ee19cd4ec203bb37f436b1af0a6d60c8b8485eef | Triage

Sharing

General

Target

86810be766a2886b92a6507cc835e828_JaffaCakes118
Size

14KB
Sample

240810-sanrsaycla
MD5

86810be766a2886b92a6507cc835e828
SHA1

869077edc4582eccc25bf3eacc0f5aadd781e09a
SHA256

a3b515cbe5c0623960a2b940ee19cd4ec203bb37f436b1af0a6d60c8b8485eef
SHA512

cd57b6e4a895ef033b46826be3db58388e10ada50a29fc53739c02836b5d04fac14d92d6a4f7f147a62a12164ac2210b2be83757d0f0017d5d0e4f06d5bfce21
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlCI8:hDXWipuE+K3/SSHgxmlCI8

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  86810be766a2886b92a6507cc835e828_JaffaCakes118
- Size
  
  14KB
- MD5
  
  86810be766a2886b92a6507cc835e828
- SHA1
  
  869077edc4582eccc25bf3eacc0f5aadd781e09a
- SHA256
  
  a3b515cbe5c0623960a2b940ee19cd4ec203bb37f436b1af0a6d60c8b8485eef
- SHA512
  
  cd57b6e4a895ef033b46826be3db58388e10ada50a29fc53739c02836b5d04fac14d92d6a4f7f147a62a12164ac2210b2be83757d0f0017d5d0e4f06d5bfce21
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlCI8:hDXWipuE+K3/SSHgxmlCI8
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2