ab341d3bbe040919a9bbd349cf782879f4c05ea59f93ba192ec224635ec7404d | Triage

Sharing

General

Target

877a025019b202c2d46aa3a44a2fbec9_JaffaCakes118
Size

680KB
Sample

240810-ys7khawapn
MD5

877a025019b202c2d46aa3a44a2fbec9
SHA1

7d596b16bdd3867bf6910948de7af8e959877dff
SHA256

ab341d3bbe040919a9bbd349cf782879f4c05ea59f93ba192ec224635ec7404d
SHA512

7ed0f61b343fd06c7cdd27eb5e942407b22f434870ddc9e8e612b5053ef102f4ab98e32b1a0a107b937f258be9995c79d804e1058a9c2bbfda5a56b57ce91300
SSDEEP

12288:bGcoXCMUZftSTrISC/icGlCME5D2Ah9TGJrX30GIcEhrDlYXC2YJ2v:1aNQSDFlCzzLTGJ4G+4Y

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  877a025019b202c2d46aa3a44a2fbec9_JaffaCakes118
- Size
  
  680KB
- MD5
  
  877a025019b202c2d46aa3a44a2fbec9
- SHA1
  
  7d596b16bdd3867bf6910948de7af8e959877dff
- SHA256
  
  ab341d3bbe040919a9bbd349cf782879f4c05ea59f93ba192ec224635ec7404d
- SHA512
  
  7ed0f61b343fd06c7cdd27eb5e942407b22f434870ddc9e8e612b5053ef102f4ab98e32b1a0a107b937f258be9995c79d804e1058a9c2bbfda5a56b57ce91300
- SSDEEP
  
  12288:bGcoXCMUZftSTrISC/icGlCME5D2Ah9TGJrX30GIcEhrDlYXC2YJ2v:1aNQSDFlCzzLTGJ4G+4Y
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2