854e53eb74971899feded9c773b2e6ae66cc0c819d17b1e9d8ebd9f01e23bf84 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7520b54b10a6a515b20c5b617ecc68d_JaffaCakes118
Size

38KB
Sample

240818-tmdm1ssajb
MD5

a7520b54b10a6a515b20c5b617ecc68d
SHA1

66f65ddb8e0a34797c60f9caf78f155f3c808505
SHA256

854e53eb74971899feded9c773b2e6ae66cc0c819d17b1e9d8ebd9f01e23bf84
SHA512

8a3fea88dd99954a5148951d271ee436f5287dcab7e9e5b4ff4bd3e0663e4b0d5eda33f871c4e00e33d72e5d9965b9f5f0b6e54d4f9067ce66c99f4ae9462d06
SSDEEP

768:fLlMg/ija+1I/5Ji9tCSuOvY+SWO8DtDG/zO39CKCf6TYV9:fLlJJQtiZNYDGSCKc9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a7520b54b10a6a515b20c5b617ecc68d_JaffaCakes118
- Size
  
  38KB
- MD5
  
  a7520b54b10a6a515b20c5b617ecc68d
- SHA1
  
  66f65ddb8e0a34797c60f9caf78f155f3c808505
- SHA256
  
  854e53eb74971899feded9c773b2e6ae66cc0c819d17b1e9d8ebd9f01e23bf84
- SHA512
  
  8a3fea88dd99954a5148951d271ee436f5287dcab7e9e5b4ff4bd3e0663e4b0d5eda33f871c4e00e33d72e5d9965b9f5f0b6e54d4f9067ce66c99f4ae9462d06
- SSDEEP
  
  768:fLlMg/ija+1I/5Ji9tCSuOvY+SWO8DtDG/zO39CKCf6TYV9:fLlJJQtiZNYDGSCKc9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2