69057be0a3273dafa41d48d8d6b9e539f93090df0511f0e4223a4508fcca0b63 | Triage

Sharing

General

Target

93db7b30e5b5e2a7aaab48b1658ab951_JaffaCakes118
Size

717KB
Sample

240813-tymeastgla
MD5

93db7b30e5b5e2a7aaab48b1658ab951
SHA1

3f5e6ba5b9835325c327985c54d95054dd24a52c
SHA256

69057be0a3273dafa41d48d8d6b9e539f93090df0511f0e4223a4508fcca0b63
SHA512

1d580a8d12e1f59ac534966a4b2e09357bee544d3960f4f95c8e3e4079a71e2ce4aec1a8e1288c7a4523a5cc5a58e1d9365a25d8fb1b79915256c128c26f8021
SSDEEP

12288:/430KrWkT5kn34Y5VC42VA4j433dFnpLtGGm5plwhLhp+oJ3TIavZ:/4khkSnDZ33zhnmTl8Lmqp

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  93db7b30e5b5e2a7aaab48b1658ab951_JaffaCakes118
- Size
  
  717KB
- MD5
  
  93db7b30e5b5e2a7aaab48b1658ab951
- SHA1
  
  3f5e6ba5b9835325c327985c54d95054dd24a52c
- SHA256
  
  69057be0a3273dafa41d48d8d6b9e539f93090df0511f0e4223a4508fcca0b63
- SHA512
  
  1d580a8d12e1f59ac534966a4b2e09357bee544d3960f4f95c8e3e4079a71e2ce4aec1a8e1288c7a4523a5cc5a58e1d9365a25d8fb1b79915256c128c26f8021
- SSDEEP
  
  12288:/430KrWkT5kn34Y5VC42VA4j433dFnpLtGGm5plwhLhp+oJ3TIavZ:/4khkSnDZ33zhnmTl8Lmqp
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2