51681f925d3cffbf91d5384311eb1fbc4049c8a3090466620572f5f68a74e326 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1daf0fd585465764cb61349c5e86543_JaffaCakes118
Size

317KB
Sample

240907-nvx4qssgng
MD5

d1daf0fd585465764cb61349c5e86543
SHA1

a6ac4915b92916a2b93f4848d17f2ecf472b3330
SHA256

51681f925d3cffbf91d5384311eb1fbc4049c8a3090466620572f5f68a74e326
SHA512

9f7b284d2f31c8876932704e85999cdeb562da5951ec315ca4ce449f685ba9174a6278034528ac088d247cc13c75f35651ddd694d677cde633254bb6c913918b
SSDEEP

6144:+0YjywDhq1doBLbii5bkgVuN+xSKV7Wkrsf7LsOSfXVB8KC9bY:+0AywDhwdiXikbkgaISKVJXv8z9E

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d1daf0fd585465764cb61349c5e86543_JaffaCakes118
- Size
  
  317KB
- MD5
  
  d1daf0fd585465764cb61349c5e86543
- SHA1
  
  a6ac4915b92916a2b93f4848d17f2ecf472b3330
- SHA256
  
  51681f925d3cffbf91d5384311eb1fbc4049c8a3090466620572f5f68a74e326
- SHA512
  
  9f7b284d2f31c8876932704e85999cdeb562da5951ec315ca4ce449f685ba9174a6278034528ac088d247cc13c75f35651ddd694d677cde633254bb6c913918b
- SSDEEP
  
  6144:+0YjywDhq1doBLbii5bkgVuN+xSKV7Wkrsf7LsOSfXVB8KC9bY:+0AywDhwdiXikbkgaISKVJXv8z9E
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2