e39bc06844587cd8fc7c8470383695a7fb3ed982a73e562749cd553a29d4f861 | Triage

Sharing

General

Target

b1d0749fac0ccac54d28f890276956e6_JaffaCakes118
Size

24KB
Sample

240821-c5nr9szeqj
MD5

b1d0749fac0ccac54d28f890276956e6
SHA1

6aa92670a64b0a550398f346aad0cbec8cec7030
SHA256

e39bc06844587cd8fc7c8470383695a7fb3ed982a73e562749cd553a29d4f861
SHA512

cc52ef930217b45c0ef924d6b1bda9e30bcddc9553414146218724a61f87173184c16911fde58f70ab672be1768f8450395be43e4e942a38dc4a04c9a0e8c4f6
SSDEEP

384:P2fgALTUkslsbrziyrz/0kcevv9NIdu1EN0Rw+MueQrHIKOP+TLPkRBxTOg:4rzbrzskcwXH1E+PHqPsLPkRBx6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b1d0749fac0ccac54d28f890276956e6_JaffaCakes118
- Size
  
  24KB
- MD5
  
  b1d0749fac0ccac54d28f890276956e6
- SHA1
  
  6aa92670a64b0a550398f346aad0cbec8cec7030
- SHA256
  
  e39bc06844587cd8fc7c8470383695a7fb3ed982a73e562749cd553a29d4f861
- SHA512
  
  cc52ef930217b45c0ef924d6b1bda9e30bcddc9553414146218724a61f87173184c16911fde58f70ab672be1768f8450395be43e4e942a38dc4a04c9a0e8c4f6
- SSDEEP
  
  384:P2fgALTUkslsbrziyrz/0kcevv9NIdu1EN0Rw+MueQrHIKOP+TLPkRBxTOg:4rzbrzskcwXH1E+PHqPsLPkRBx6
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2