c9c5524199e4697a02e491fa7fe902c1f9f79ee623f165b87ba90bdae2a15ef6 | Triage

Sharing

General

Target

894e0123ee096f0ae8d575177cd2618a_JaffaCakes118
Size

57KB
Sample

240811-gzlg6syann
MD5

894e0123ee096f0ae8d575177cd2618a
SHA1

053626c6fc574636819c429fbb35edd7d4c8bdb3
SHA256

c9c5524199e4697a02e491fa7fe902c1f9f79ee623f165b87ba90bdae2a15ef6
SHA512

63cb5fff9d0e7ddfc812ca1fb35e756f661270d8b95e6795c00a4753c5425c0356a4474bc6f331aeebdc0cc132d43b5d10698e7626bf7e8585cf351659a8ae4d
SSDEEP

1536:PtqTQMx4H5izeIBBTGr4z5sU+spuZ9Axn:WJxaRkNMNspOAxn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  894e0123ee096f0ae8d575177cd2618a_JaffaCakes118
- Size
  
  57KB
- MD5
  
  894e0123ee096f0ae8d575177cd2618a
- SHA1
  
  053626c6fc574636819c429fbb35edd7d4c8bdb3
- SHA256
  
  c9c5524199e4697a02e491fa7fe902c1f9f79ee623f165b87ba90bdae2a15ef6
- SHA512
  
  63cb5fff9d0e7ddfc812ca1fb35e756f661270d8b95e6795c00a4753c5425c0356a4474bc6f331aeebdc0cc132d43b5d10698e7626bf7e8585cf351659a8ae4d
- SSDEEP
  
  1536:PtqTQMx4H5izeIBBTGr4z5sU+spuZ9Axn:WJxaRkNMNspOAxn
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2