30960433f2998c30b8c6469f98c02f2893ff0df494cb9f904d48324653177bdd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3ad1ecc7fe80f49e5c32f11d148697d_JaffaCakes118
Size

105KB
Sample

240908-ge2nnazdqn
MD5

d3ad1ecc7fe80f49e5c32f11d148697d
SHA1

0c7f50917b96e4d6cd791ae61cb95a7b5f7b479a
SHA256

30960433f2998c30b8c6469f98c02f2893ff0df494cb9f904d48324653177bdd
SHA512

7ad498f6b8b31252d92a50d7068f59d34aeb2ef954cc2e4b611a8a75c07e3ccd5380ce1e38e9f0aa6cfaa4ba9160a451600affb53ec39ce567934f00610c414e
SSDEEP

3072:3ZlsN/vCtko2SYgnZoRHdrHx5GXBwLWNIz:JlsNJo2ShZoldrPGXB5Iz

Score

7^/10

aspackv2 discovery

Malware Config

Targets

- Target
  
  d3ad1ecc7fe80f49e5c32f11d148697d_JaffaCakes118
- Size
  
  105KB
- MD5
  
  d3ad1ecc7fe80f49e5c32f11d148697d
- SHA1
  
  0c7f50917b96e4d6cd791ae61cb95a7b5f7b479a
- SHA256
  
  30960433f2998c30b8c6469f98c02f2893ff0df494cb9f904d48324653177bdd
- SHA512
  
  7ad498f6b8b31252d92a50d7068f59d34aeb2ef954cc2e4b611a8a75c07e3ccd5380ce1e38e9f0aa6cfaa4ba9160a451600affb53ec39ce567934f00610c414e
- SSDEEP
  
  3072:3ZlsN/vCtko2SYgnZoRHdrHx5GXBwLWNIz:JlsNJo2ShZoldrPGXB5Iz
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2