7be03972689cdb99ced758ab15fd50f907480df15c477d74703df8e9fba1f3c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b72d7b7802f923b4c85efc67b97f8675_JaffaCakes118
Size

224KB
Sample

240822-ltff7atbll
MD5

b72d7b7802f923b4c85efc67b97f8675
SHA1

5d48d97f90c80d82d028e007f5b3a07fadf7625c
SHA256

7be03972689cdb99ced758ab15fd50f907480df15c477d74703df8e9fba1f3c0
SHA512

1c7ccb5b3be0a5e224dc390e245da5fb879ef26764d4dd5e0f507b814acf4358d58fdc17bfe47d6ee1a15cc74d81a95ada7955a19a7ca3f60653b0a82233e474
SSDEEP

3072:GfxKhs8gfW6hCjG8G3GbGVGBGfGuGxGWYcrf6KadU:GfAheLAYcD6Kad

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b72d7b7802f923b4c85efc67b97f8675_JaffaCakes118
- Size
  
  224KB
- MD5
  
  b72d7b7802f923b4c85efc67b97f8675
- SHA1
  
  5d48d97f90c80d82d028e007f5b3a07fadf7625c
- SHA256
  
  7be03972689cdb99ced758ab15fd50f907480df15c477d74703df8e9fba1f3c0
- SHA512
  
  1c7ccb5b3be0a5e224dc390e245da5fb879ef26764d4dd5e0f507b814acf4358d58fdc17bfe47d6ee1a15cc74d81a95ada7955a19a7ca3f60653b0a82233e474
- SSDEEP
  
  3072:GfxKhs8gfW6hCjG8G3GbGVGBGfGuGxGWYcrf6KadU:GfAheLAYcD6Kad
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2