55b1ebd4ba4303a9f65ed247bf254c06438c7bbbbe4b123ba0fedc3552ff640e | Triage

Sharing

General

Target

b302f22aea1c4401e31e5b3cda2334a7_JaffaCakes118
Size

272KB
Sample

240821-lye18awarl
MD5

b302f22aea1c4401e31e5b3cda2334a7
SHA1

46612a17073ffaa21282c6fd3a15cc333acdbd07
SHA256

55b1ebd4ba4303a9f65ed247bf254c06438c7bbbbe4b123ba0fedc3552ff640e
SHA512

89681fd3437f21f526e6520c64a8573ffe6d94bbaa5f60253fb91a944d4a7dee45c2e0c7c783b6672f9995b31218493860b78cbe4f9a43b828e0f22dfd63cb7f
SSDEEP

3072:dFk1LveZn9cyuNX7fltaRlIznItjbCXqeZLFoqswq65i+/IWTBfvkF5OT:3kdyPuNX7flMRizIEtL66YyIWTB3kWT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b302f22aea1c4401e31e5b3cda2334a7_JaffaCakes118
- Size
  
  272KB
- MD5
  
  b302f22aea1c4401e31e5b3cda2334a7
- SHA1
  
  46612a17073ffaa21282c6fd3a15cc333acdbd07
- SHA256
  
  55b1ebd4ba4303a9f65ed247bf254c06438c7bbbbe4b123ba0fedc3552ff640e
- SHA512
  
  89681fd3437f21f526e6520c64a8573ffe6d94bbaa5f60253fb91a944d4a7dee45c2e0c7c783b6672f9995b31218493860b78cbe4f9a43b828e0f22dfd63cb7f
- SSDEEP
  
  3072:dFk1LveZn9cyuNX7fltaRlIznItjbCXqeZLFoqswq65i+/IWTBfvkF5OT:3kdyPuNX7flMRizIEtL66YyIWTB3kWT
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2