340a58a8e81b3832dbafe69b957488de78cbc79925b07f920441195c6a37868e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9f7dfeb2923902357999b0fb14d6974_JaffaCakes118
Size

61KB
Sample

240823-cpawgasenm
MD5

b9f7dfeb2923902357999b0fb14d6974
SHA1

923394aee8b08fe9458b853a7fd6cfa40fa0fe9a
SHA256

340a58a8e81b3832dbafe69b957488de78cbc79925b07f920441195c6a37868e
SHA512

1f49b8c674f03e85ef733b7156490b1530278250c28fc979bc56f30aea7010d325e807b88d32af0d8f0f35fd561d6191acecf5db3961899a41153047154ac65f
SSDEEP

1536:4zzXHr5B2d93i7YiFrBPhe/GZBRMsn+i/4T:4zz3r5B2Ty7YAP5X4T

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b9f7dfeb2923902357999b0fb14d6974_JaffaCakes118
- Size
  
  61KB
- MD5
  
  b9f7dfeb2923902357999b0fb14d6974
- SHA1
  
  923394aee8b08fe9458b853a7fd6cfa40fa0fe9a
- SHA256
  
  340a58a8e81b3832dbafe69b957488de78cbc79925b07f920441195c6a37868e
- SHA512
  
  1f49b8c674f03e85ef733b7156490b1530278250c28fc979bc56f30aea7010d325e807b88d32af0d8f0f35fd561d6191acecf5db3961899a41153047154ac65f
- SSDEEP
  
  1536:4zzXHr5B2d93i7YiFrBPhe/GZBRMsn+i/4T:4zz3r5B2Ty7YAP5X4T
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2