ad2d9e9ccf4071b62734a41e10deb2f488aa6991b24eb4d291bed295a83fd3d7 | Triage

Sharing

General

Target

d006bac7387f1928c1ce6b8a26605311_JaffaCakes118
Size

255KB
Sample

240906-vkn7eaxgln
MD5

d006bac7387f1928c1ce6b8a26605311
SHA1

2bfc6117f49fdc4e01e41057eb9433aa8d3e3052
SHA256

ad2d9e9ccf4071b62734a41e10deb2f488aa6991b24eb4d291bed295a83fd3d7
SHA512

477686222adb487030904d4c405155ce125366a41e13cee9a76253947faf5b3f8002d45bc6f1567f8ecd19b68c73b5dc8c2cd76df21daabc82ec6ab7277978b0
SSDEEP

6144:YoTf1YERoTf1YEzoTf1Y06Ifn8xAfIn2uR:YoTfDRoTf7zoTf7rn8egn2u

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d006bac7387f1928c1ce6b8a26605311_JaffaCakes118
- Size
  
  255KB
- MD5
  
  d006bac7387f1928c1ce6b8a26605311
- SHA1
  
  2bfc6117f49fdc4e01e41057eb9433aa8d3e3052
- SHA256
  
  ad2d9e9ccf4071b62734a41e10deb2f488aa6991b24eb4d291bed295a83fd3d7
- SHA512
  
  477686222adb487030904d4c405155ce125366a41e13cee9a76253947faf5b3f8002d45bc6f1567f8ecd19b68c73b5dc8c2cd76df21daabc82ec6ab7277978b0
- SSDEEP
  
  6144:YoTf1YERoTf1YEzoTf1Y06Ifn8xAfIn2uR:YoTfDRoTf7zoTf7rn8egn2u
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2