734661e749735c0368aac352c789ba7f6b23ed35ac8fea13b0deaf77c8f94943 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d155d7e8c525b60e128e175162d2d152_JaffaCakes118
Size

14KB
Sample

240907-hqqwza1cmc
MD5

d155d7e8c525b60e128e175162d2d152
SHA1

d55d3e048eb0722c2bfd90c7e779c942d7d05bb1
SHA256

734661e749735c0368aac352c789ba7f6b23ed35ac8fea13b0deaf77c8f94943
SHA512

22d8a9b2a3640bd80d06e686c9dc4dc5e3516a1791525928c9b96dc7d1c7eb87c94d1538d376b67563a25f2069a1fedc873ee822238dcd388060a49da27adbeb
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYJns:hDXWipuE+K3/SSHgxm6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d155d7e8c525b60e128e175162d2d152_JaffaCakes118
- Size
  
  14KB
- MD5
  
  d155d7e8c525b60e128e175162d2d152
- SHA1
  
  d55d3e048eb0722c2bfd90c7e779c942d7d05bb1
- SHA256
  
  734661e749735c0368aac352c789ba7f6b23ed35ac8fea13b0deaf77c8f94943
- SHA512
  
  22d8a9b2a3640bd80d06e686c9dc4dc5e3516a1791525928c9b96dc7d1c7eb87c94d1538d376b67563a25f2069a1fedc873ee822238dcd388060a49da27adbeb
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYJns:hDXWipuE+K3/SSHgxm6
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2