b2242c0e03cf0ff1e8d88a487ac028c1d98a367d1537152711ff83dbe70f2d9b | Triage

Sharing

General

Target

8a231bc5d388a7d6d417eb526d95c5a4_JaffaCakes118
Size

2.5MB
Sample

240811-m989wa1ejd
MD5

8a231bc5d388a7d6d417eb526d95c5a4
SHA1

f2ced7c7335bf6ffb019078f514e0920c199bbad
SHA256

b2242c0e03cf0ff1e8d88a487ac028c1d98a367d1537152711ff83dbe70f2d9b
SHA512

93493e66b85d990d63fb79e80a8688de271439f0044a4cb8a448ec150f1e35a00544a0ab36778585524010759970ea47b9dc9ae0af7f996446f2e520cc3cea47
SSDEEP

49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rJ:o7AEvgVOy29Ls3JslVYzjMO26is

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8a231bc5d388a7d6d417eb526d95c5a4_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  8a231bc5d388a7d6d417eb526d95c5a4
- SHA1
  
  f2ced7c7335bf6ffb019078f514e0920c199bbad
- SHA256
  
  b2242c0e03cf0ff1e8d88a487ac028c1d98a367d1537152711ff83dbe70f2d9b
- SHA512
  
  93493e66b85d990d63fb79e80a8688de271439f0044a4cb8a448ec150f1e35a00544a0ab36778585524010759970ea47b9dc9ae0af7f996446f2e520cc3cea47
- SSDEEP
  
  49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1rJ:o7AEvgVOy29Ls3JslVYzjMO26is
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2