970fc37e5e65af9ae80359beea60b00d37b885f2a85dca46dfac66e2f60b5df4 | Triage

Sharing

General

Target

8e28fdf1a5d189b7ecfa139389f69a6d_JaffaCakes118
Size

224KB
Sample

240812-k62phsvapm
MD5

8e28fdf1a5d189b7ecfa139389f69a6d
SHA1

65704c95aa8197879de89ff0461497f8891e46aa
SHA256

970fc37e5e65af9ae80359beea60b00d37b885f2a85dca46dfac66e2f60b5df4
SHA512

251215b75e702bc40ad8288861d9424c332b26c748bc19b8433ce41047cf41c5a7058a4f35b5df9a2e11998cb213725b044d6f9e2cb61cc9e0ad87a8bc2bdb56
SSDEEP

3072:6yCIh+ZmfSfL5mOSin7sJ+koykxgNkwQrPC705I50zHevc8oigMrJd3CFRa3Od:Yx9mOSinQJ+1dLwYaUZzgNgMEae

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8e28fdf1a5d189b7ecfa139389f69a6d_JaffaCakes118
- Size
  
  224KB
- MD5
  
  8e28fdf1a5d189b7ecfa139389f69a6d
- SHA1
  
  65704c95aa8197879de89ff0461497f8891e46aa
- SHA256
  
  970fc37e5e65af9ae80359beea60b00d37b885f2a85dca46dfac66e2f60b5df4
- SHA512
  
  251215b75e702bc40ad8288861d9424c332b26c748bc19b8433ce41047cf41c5a7058a4f35b5df9a2e11998cb213725b044d6f9e2cb61cc9e0ad87a8bc2bdb56
- SSDEEP
  
  3072:6yCIh+ZmfSfL5mOSin7sJ+koykxgNkwQrPC705I50zHevc8oigMrJd3CFRa3Od:Yx9mOSinQJ+1dLwYaUZzgNgMEae
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2