3dc595a981fecd983072cc6f9f424a810acf449eed983fdc8dd58d8153fdf028 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9ff89bbe428eeb73e3d1e927c6d91ff_JaffaCakes118
Size

2.6MB
Sample

240819-hjqbvsshkn
MD5

a9ff89bbe428eeb73e3d1e927c6d91ff
SHA1

64145cd4da176cb9101ad26da6d151274c0dc22a
SHA256

3dc595a981fecd983072cc6f9f424a810acf449eed983fdc8dd58d8153fdf028
SHA512

a1f08f07a6363c962f4e7237de85735d4bac2067ff93b6a7833e27db70eb89dc8c4ffb7184322c758c2ea0985ea7bfce0542ff58564e859fa9259711b1583a65
SSDEEP

49152:oDy796EvMtTx435MtV+On5vMNbcwO6m2zGKYraTh+ZTOdFrxviiBI1rb:f7AEvgVOA5WbcoHzGlr8h+5q4ii

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a9ff89bbe428eeb73e3d1e927c6d91ff_JaffaCakes118
- Size
  
  2.6MB
- MD5
  
  a9ff89bbe428eeb73e3d1e927c6d91ff
- SHA1
  
  64145cd4da176cb9101ad26da6d151274c0dc22a
- SHA256
  
  3dc595a981fecd983072cc6f9f424a810acf449eed983fdc8dd58d8153fdf028
- SHA512
  
  a1f08f07a6363c962f4e7237de85735d4bac2067ff93b6a7833e27db70eb89dc8c4ffb7184322c758c2ea0985ea7bfce0542ff58564e859fa9259711b1583a65
- SSDEEP
  
  49152:oDy796EvMtTx435MtV+On5vMNbcwO6m2zGKYraTh+ZTOdFrxviiBI1rb:f7AEvgVOA5WbcoHzGlr8h+5q4ii
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2