26ce915846683f3e943b2d01019550700f532ca12fe550d8c0a76755daa32a18 | Triage

Sharing

General

Target

bd60f66b4f8f88d9e9b21e885e8cc97a_JaffaCakes118
Size

15KB
Sample

240823-176ymazfmd
MD5

bd60f66b4f8f88d9e9b21e885e8cc97a
SHA1

670496ff2594509dfec8581b9ddbbe3f4faba6e0
SHA256

26ce915846683f3e943b2d01019550700f532ca12fe550d8c0a76755daa32a18
SHA512

872e72090d8773299d1dd4d26ff8f3296bd1244343b183a9e3787310ca891bf785dd3d7686344fc49a26e6d10cb31f060937ca029d4c88da82c6dbde83e5209e
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY8q:hDXWipuE+K3/SSHgxm8q

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bd60f66b4f8f88d9e9b21e885e8cc97a_JaffaCakes118
- Size
  
  15KB
- MD5
  
  bd60f66b4f8f88d9e9b21e885e8cc97a
- SHA1
  
  670496ff2594509dfec8581b9ddbbe3f4faba6e0
- SHA256
  
  26ce915846683f3e943b2d01019550700f532ca12fe550d8c0a76755daa32a18
- SHA512
  
  872e72090d8773299d1dd4d26ff8f3296bd1244343b183a9e3787310ca891bf785dd3d7686344fc49a26e6d10cb31f060937ca029d4c88da82c6dbde83e5209e
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY8q:hDXWipuE+K3/SSHgxm8q
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2