b29516fa8711c1c941b5f0f759d32524726ba7fec056a0661de649d16a011f35 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1abcc8f626d678e2c60c26b138d569d_JaffaCakes118
Size

112KB
Sample

240907-l12b8sycpb
MD5

d1abcc8f626d678e2c60c26b138d569d
SHA1

4a64952a9b02dfded8b0858cf4e90fe9d87d6962
SHA256

b29516fa8711c1c941b5f0f759d32524726ba7fec056a0661de649d16a011f35
SHA512

32ee75e85fa65a359ef3b98869eb58bc229d40cdbb866e5e09c37c804e34fbc9a1e2a4103d6f74165033baa3aaa9fada6b8811f967548163bfbefd1b6b2f26ab
SSDEEP

3072:Sp6C7gJyCpctk7LDb0CXiVnHvU1eTJ0ZP:W658uctez0CXiVnHv6OJ05

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d1abcc8f626d678e2c60c26b138d569d_JaffaCakes118
- Size
  
  112KB
- MD5
  
  d1abcc8f626d678e2c60c26b138d569d
- SHA1
  
  4a64952a9b02dfded8b0858cf4e90fe9d87d6962
- SHA256
  
  b29516fa8711c1c941b5f0f759d32524726ba7fec056a0661de649d16a011f35
- SHA512
  
  32ee75e85fa65a359ef3b98869eb58bc229d40cdbb866e5e09c37c804e34fbc9a1e2a4103d6f74165033baa3aaa9fada6b8811f967548163bfbefd1b6b2f26ab
- SSDEEP
  
  3072:Sp6C7gJyCpctk7LDb0CXiVnHvU1eTJ0ZP:W658uctez0CXiVnHv6OJ05
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2