191320d466b6b14d0859f784e1c51b0db1d5ba3f42f4a314b75ad4fd128496d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8b93ee68161ed1aead1908748c3bb53_JaffaCakes118
Size

660KB
Sample

240829-ng1yga1anq
MD5

c8b93ee68161ed1aead1908748c3bb53
SHA1

40d226f6661441cdd8dd87306f92931a6726fdc0
SHA256

191320d466b6b14d0859f784e1c51b0db1d5ba3f42f4a314b75ad4fd128496d0
SHA512

fb8be378dc7b364fcb0fae0b4fbeaa35c7f288a96a08260033dedc05300d874e07c5be855b81370811d7347e21bf9a229effc4d0d4929a3912c416579f733f55
SSDEEP

6144:YkpISMQwyRjxGUjR9wdHh2IcPqEtZ4CHcYwqO1sLpoJ//qQ4h0UAYqybbXAJYM:5ISMQllxn99wdHsTmfAO1sLa///Q0UzS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c8b93ee68161ed1aead1908748c3bb53_JaffaCakes118
- Size
  
  660KB
- MD5
  
  c8b93ee68161ed1aead1908748c3bb53
- SHA1
  
  40d226f6661441cdd8dd87306f92931a6726fdc0
- SHA256
  
  191320d466b6b14d0859f784e1c51b0db1d5ba3f42f4a314b75ad4fd128496d0
- SHA512
  
  fb8be378dc7b364fcb0fae0b4fbeaa35c7f288a96a08260033dedc05300d874e07c5be855b81370811d7347e21bf9a229effc4d0d4929a3912c416579f733f55
- SSDEEP
  
  6144:YkpISMQwyRjxGUjR9wdHh2IcPqEtZ4CHcYwqO1sLpoJ//qQ4h0UAYqybbXAJYM:5ISMQllxn99wdHsTmfAO1sLa///Q0UzS
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Network Share Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2