dada59d3b17d9e6401dad2215c7a3721f128103fc1fc0e2b9df853acb674847d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a4dd139172c7d97e6bf998ffa3dc1a5_JaffaCakes118
Size

173KB
Sample

240811-pa3n6ashqh
MD5

8a4dd139172c7d97e6bf998ffa3dc1a5
SHA1

3ce51a9bcbdc9280610306e3a492534fcfd09680
SHA256

dada59d3b17d9e6401dad2215c7a3721f128103fc1fc0e2b9df853acb674847d
SHA512

a0a0b5142bce68d564dcd58b6dac758398b8c20d1caeec4963ee7f5fa0297580d326e1f0952a083d22a1dcf80bcdde24a1f2d20b618818e32baf4e2ca5457bc3
SSDEEP

3072:FwJnoIh3UbIma2QSO89DOTCXk+YtNWct+TM:FgoIh3WVMTCQtNL+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8a4dd139172c7d97e6bf998ffa3dc1a5_JaffaCakes118
- Size
  
  173KB
- MD5
  
  8a4dd139172c7d97e6bf998ffa3dc1a5
- SHA1
  
  3ce51a9bcbdc9280610306e3a492534fcfd09680
- SHA256
  
  dada59d3b17d9e6401dad2215c7a3721f128103fc1fc0e2b9df853acb674847d
- SHA512
  
  a0a0b5142bce68d564dcd58b6dac758398b8c20d1caeec4963ee7f5fa0297580d326e1f0952a083d22a1dcf80bcdde24a1f2d20b618818e32baf4e2ca5457bc3
- SSDEEP
  
  3072:FwJnoIh3UbIma2QSO89DOTCXk+YtNWct+TM:FgoIh3WVMTCQtNL+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2