89d78bce604459f69f0a3c198ded34690c8281e313bddf569ecda5cc150f8787 | Triage

Sharing

General

Target

b3b577addfb85ed7dfa718608092f801_JaffaCakes118
Size

130KB
Sample

240821-q5j1zaverq
MD5

b3b577addfb85ed7dfa718608092f801
SHA1

d7228c41624f3bb84a50195125aaee8d83990110
SHA256

89d78bce604459f69f0a3c198ded34690c8281e313bddf569ecda5cc150f8787
SHA512

d24d39217512064566b4d70b6a962aaafc0e5a1402cfd61ed719b9765b54f0a0b8558660802322962fc19bd70ebf31cb0fe8468d1561e019b1588321b50bb61b
SSDEEP

3072:y6CBzlnEQYi4TZTUna6OaAL3DqVijZvxunDOQw:y6eKm6UnJOa6x+DOF

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b3b577addfb85ed7dfa718608092f801_JaffaCakes118
- Size
  
  130KB
- MD5
  
  b3b577addfb85ed7dfa718608092f801
- SHA1
  
  d7228c41624f3bb84a50195125aaee8d83990110
- SHA256
  
  89d78bce604459f69f0a3c198ded34690c8281e313bddf569ecda5cc150f8787
- SHA512
  
  d24d39217512064566b4d70b6a962aaafc0e5a1402cfd61ed719b9765b54f0a0b8558660802322962fc19bd70ebf31cb0fe8468d1561e019b1588321b50bb61b
- SSDEEP
  
  3072:y6CBzlnEQYi4TZTUna6OaAL3DqVijZvxunDOQw:y6eKm6UnJOa6x+DOF
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2