866741e77ec714ff876f91fb3aa10fbe9efa1737e70f2c27305b9755eb8b0dd6 | Triage

Sharing

General

Target

bb1ed6aec7d33024522901ff98fd7ccd_JaffaCakes118
Size

80KB
Sample

240823-k3ytfsxhlr
MD5

bb1ed6aec7d33024522901ff98fd7ccd
SHA1

8c507233b4c1f389619f10162a08c1718994dfa7
SHA256

866741e77ec714ff876f91fb3aa10fbe9efa1737e70f2c27305b9755eb8b0dd6
SHA512

e3192de39ef8142a36fb8f80c895f6c6c5ca9694452ef6bf62ea53f14e65845ad2844ff3346e907a82996235cc443d97d55bf435a2df298e0647ec6e6d5bc228
SSDEEP

1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBEogU:vCjsIOtEvwDpj5H9YvQd23

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bb1ed6aec7d33024522901ff98fd7ccd_JaffaCakes118
- Size
  
  80KB
- MD5
  
  bb1ed6aec7d33024522901ff98fd7ccd
- SHA1
  
  8c507233b4c1f389619f10162a08c1718994dfa7
- SHA256
  
  866741e77ec714ff876f91fb3aa10fbe9efa1737e70f2c27305b9755eb8b0dd6
- SHA512
  
  e3192de39ef8142a36fb8f80c895f6c6c5ca9694452ef6bf62ea53f14e65845ad2844ff3346e907a82996235cc443d97d55bf435a2df298e0647ec6e6d5bc228
- SSDEEP
  
  1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBEogU:vCjsIOtEvwDpj5H9YvQd23
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2