39791feb2b6054eece926883c8a4de1859942f7c6da76e41365d08ba037c2b53 | Triage

Sharing

General

Target

8ba0641a23e2f9b6a55dee72e53ee022_JaffaCakes118
Size

404KB
Sample

240811-xve3latcnm
MD5

8ba0641a23e2f9b6a55dee72e53ee022
SHA1

73a6930a77cc261afd58b504f9e9c80603d0b77a
SHA256

39791feb2b6054eece926883c8a4de1859942f7c6da76e41365d08ba037c2b53
SHA512

fe68a4dd1f8562f49c90b63942607631c1e924907452d7fe7fa785ae0976ba7bae6959c4206040441a962c57053d4aaeeb3402b70e836aa273ef29950bb3a5fc
SSDEEP

3072:pnl5sq/bWKyXK2w4Kd80nuixoK+f93JFPJEJh20MAuNHedAV9KSR:pnvsC2TKW0Dn+l3JFPC3El9KY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8ba0641a23e2f9b6a55dee72e53ee022_JaffaCakes118
- Size
  
  404KB
- MD5
  
  8ba0641a23e2f9b6a55dee72e53ee022
- SHA1
  
  73a6930a77cc261afd58b504f9e9c80603d0b77a
- SHA256
  
  39791feb2b6054eece926883c8a4de1859942f7c6da76e41365d08ba037c2b53
- SHA512
  
  fe68a4dd1f8562f49c90b63942607631c1e924907452d7fe7fa785ae0976ba7bae6959c4206040441a962c57053d4aaeeb3402b70e836aa273ef29950bb3a5fc
- SSDEEP
  
  3072:pnl5sq/bWKyXK2w4Kd80nuixoK+f93JFPJEJh20MAuNHedAV9KSR:pnvsC2TKW0Dn+l3JFPC3El9KY
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2