07d0e3f84c38d4405030d28783b962a5152a72f7f6ad252fff36049c676581c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0a00049823fd8f4ad42f7cf91953b18_JaffaCakes118
Size

15KB
Sample

240820-yrczha1arf
MD5

b0a00049823fd8f4ad42f7cf91953b18
SHA1

80d1e4f23ca2ce8d1fc1afecc815e6972807b835
SHA256

07d0e3f84c38d4405030d28783b962a5152a72f7f6ad252fff36049c676581c9
SHA512

0e7cb9f6d6709f6074d3dfcfb0e60da848a7180f8721d4c4313e8348472a2f22d1a5b4195dc157e27d6129ee328f3b9d9844bb7e654cd153dd5289e905733083
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYKB2HTyC:hDXWipuE+K3/SSHgxmKEzyC

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b0a00049823fd8f4ad42f7cf91953b18_JaffaCakes118
- Size
  
  15KB
- MD5
  
  b0a00049823fd8f4ad42f7cf91953b18
- SHA1
  
  80d1e4f23ca2ce8d1fc1afecc815e6972807b835
- SHA256
  
  07d0e3f84c38d4405030d28783b962a5152a72f7f6ad252fff36049c676581c9
- SHA512
  
  0e7cb9f6d6709f6074d3dfcfb0e60da848a7180f8721d4c4313e8348472a2f22d1a5b4195dc157e27d6129ee328f3b9d9844bb7e654cd153dd5289e905733083
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYKB2HTyC:hDXWipuE+K3/SSHgxmKEzyC
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2