30e8d378f05fe57e00b235782954cde29841b123d7df1e4f17a2f93506e38908 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

badb9150e2d8391f49c55f0c8129606a_JaffaCakes118
Size

318KB
Sample

240823-jfhnaasamg
MD5

badb9150e2d8391f49c55f0c8129606a
SHA1

46de4ab5274ccfa458863454083955a77c83e3e5
SHA256

30e8d378f05fe57e00b235782954cde29841b123d7df1e4f17a2f93506e38908
SHA512

e3f1f4574d512ab08b2b3cdd72cc9cd7055970df718a816c709eb8cafa37036f1f857aee293a78b7e29111bf14bc549c756476dca76bfe2964e6b8bda896390c
SSDEEP

6144:uSB1Ed0h/CB5OVhc9kkE+rS97AJPPhw4DSmJlvzFsL9hxqCzQw/2kn+Op6SbjKXr:u81Ed0hYcVhu+ADw4D5lvzFsL9zcM+Rd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  badb9150e2d8391f49c55f0c8129606a_JaffaCakes118
- Size
  
  318KB
- MD5
  
  badb9150e2d8391f49c55f0c8129606a
- SHA1
  
  46de4ab5274ccfa458863454083955a77c83e3e5
- SHA256
  
  30e8d378f05fe57e00b235782954cde29841b123d7df1e4f17a2f93506e38908
- SHA512
  
  e3f1f4574d512ab08b2b3cdd72cc9cd7055970df718a816c709eb8cafa37036f1f857aee293a78b7e29111bf14bc549c756476dca76bfe2964e6b8bda896390c
- SSDEEP
  
  6144:uSB1Ed0h/CB5OVhc9kkE+rS97AJPPhw4DSmJlvzFsL9hxqCzQw/2kn+Op6SbjKXr:u81Ed0hYcVhu+ADw4D5lvzFsL9zcM+Rd
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2