5292750038a6afbe0f829e561cff90fd5bc466f1f8d8f16ab0b73d5366d14969 | Triage

Sharing

General

Target

b263c9172799b0e1596cba6f1bc7dd87_JaffaCakes118
Size

188KB
Sample

240821-g2dv4sxcrr
MD5

b263c9172799b0e1596cba6f1bc7dd87
SHA1

04fc6f0dca8a4b29464db36c7d00162ffd765985
SHA256

5292750038a6afbe0f829e561cff90fd5bc466f1f8d8f16ab0b73d5366d14969
SHA512

7142e63a9fdf643ea4499af6eec487088086d626ee50b3ac27ab698d321e7828b52b2b9dd35c042367bf7c7a60cea2f869a2d9e61f8bb5eb069baf8427171faa
SSDEEP

3072:Z4lRkAehGfzmuqTPryFq2TTNTJTCN5gTGhSkT5dgsUGOgkBFVYbsVTHuGETXvOTt:Z4lRkAehaKuqT+FJ85p8mlqn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b263c9172799b0e1596cba6f1bc7dd87_JaffaCakes118
- Size
  
  188KB
- MD5
  
  b263c9172799b0e1596cba6f1bc7dd87
- SHA1
  
  04fc6f0dca8a4b29464db36c7d00162ffd765985
- SHA256
  
  5292750038a6afbe0f829e561cff90fd5bc466f1f8d8f16ab0b73d5366d14969
- SHA512
  
  7142e63a9fdf643ea4499af6eec487088086d626ee50b3ac27ab698d321e7828b52b2b9dd35c042367bf7c7a60cea2f869a2d9e61f8bb5eb069baf8427171faa
- SSDEEP
  
  3072:Z4lRkAehGfzmuqTPryFq2TTNTJTCN5gTGhSkT5dgsUGOgkBFVYbsVTHuGETXvOTt:Z4lRkAehaKuqT+FJ85p8mlqn
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2