2233e8860a1a352d103dd2bf7369faae298094b773c8362e23b1745458cda0ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6d1fda41f266f6080b97f46c40aea73_JaffaCakes118
Size

426KB
Sample

240822-h9k5tsyaqm
MD5

b6d1fda41f266f6080b97f46c40aea73
SHA1

70ffd879ad4028c8a5c103398e88999580b4d806
SHA256

2233e8860a1a352d103dd2bf7369faae298094b773c8362e23b1745458cda0ff
SHA512

96a681eb0f393a08d23695285af7a0709e69d37fa727a88e97f87f0513915649bcc4829e76c27810945aaf03a5f9c17bdb2f4f5c9d788b78906e927fd937e22c
SSDEEP

12288:YkWJf+DybqjGiBqYGCfZ2nPzMyxOcMKY4:YZ+ye7svwQYyoKH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b6d1fda41f266f6080b97f46c40aea73_JaffaCakes118
- Size
  
  426KB
- MD5
  
  b6d1fda41f266f6080b97f46c40aea73
- SHA1
  
  70ffd879ad4028c8a5c103398e88999580b4d806
- SHA256
  
  2233e8860a1a352d103dd2bf7369faae298094b773c8362e23b1745458cda0ff
- SHA512
  
  96a681eb0f393a08d23695285af7a0709e69d37fa727a88e97f87f0513915649bcc4829e76c27810945aaf03a5f9c17bdb2f4f5c9d788b78906e927fd937e22c
- SSDEEP
  
  12288:YkWJf+DybqjGiBqYGCfZ2nPzMyxOcMKY4:YZ+ye7svwQYyoKH
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2