18e5dff6f6651775902b497d538f2005ff2a5585620a438cbd7a56b53511626f | Triage

Sharing

General

Target

8b3ed28dcb1de8c770d3483cfe1916db_JaffaCakes118
Size

5KB
Sample

240811-vrqntayfkn
MD5

8b3ed28dcb1de8c770d3483cfe1916db
SHA1

782afbbd6b01ae59e189a8756f4d9d7ca37dcef1
SHA256

18e5dff6f6651775902b497d538f2005ff2a5585620a438cbd7a56b53511626f
SHA512

9be75022d3cf0de282606994eda3955ffbd28cb3e44ab071aec4261f3ad208f3343315bd6d3550065a56fb7de78642a8f3909de7f6e6405a87768d7af9367609
SSDEEP

96:w3QKy+w4HNi1cl/E1ejMPbsIqW4AaApNu3vWzoiRaajpL4fd89BFu9V1aTamW:nwl/E1ejVIR3aAN7zLRaU4+FuMamW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8b3ed28dcb1de8c770d3483cfe1916db_JaffaCakes118
- Size
  
  5KB
- MD5
  
  8b3ed28dcb1de8c770d3483cfe1916db
- SHA1
  
  782afbbd6b01ae59e189a8756f4d9d7ca37dcef1
- SHA256
  
  18e5dff6f6651775902b497d538f2005ff2a5585620a438cbd7a56b53511626f
- SHA512
  
  9be75022d3cf0de282606994eda3955ffbd28cb3e44ab071aec4261f3ad208f3343315bd6d3550065a56fb7de78642a8f3909de7f6e6405a87768d7af9367609
- SSDEEP
  
  96:w3QKy+w4HNi1cl/E1ejMPbsIqW4AaApNu3vWzoiRaajpL4fd89BFu9V1aTamW:nwl/E1ejVIR3aAN7zLRaU4+FuMamW
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2